======================================================================= THE JOURNAL OF AMERICAN UNDERGROUND COMPUTING / Published Quarterly ====================================================================== ISSN 1074-3111 Volume One, Issue Seven January 17, 1994 ====================================================================== Editor-in-Chief: Scott Davis (dfox@fc.net) Co-Editor/Technology: Max Mednick (kahuna@fc.net) Conspiracy Editor: Gordon Fagan (flyer@io.com) Information Systems: Carl Guderian (bjacques@usis.com) Legal Editor Steve Ryan (blivion@sccsi.com) Computer Security: George Phillips (ice9@paranoia.com) Graphics/WWW Design Mario Martinez (digital@comland.com) ** ftp site: etext.archive.umich.edu /pub/Zines/JAUC ** ftp site: ftp.fc.net /pub/tjoauc U.S. Mail: The Journal Of American Underground Computing or Fennec Information Systems 10111 N. Lamar - Suite 25 Austin, Texas 78753-3601 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% IMPORTANT ADDRESSES - ============================================================================ To Subscribe to "TJOAUC", send mail to: sub@fennec.com All questions/comments about this publication to: comments@fennec.com Send all articles/info that you want published to: submit@fennec.com Commercial Registration for Profitable Media: form1@fennec.com ============================================================================ "The underground press serves as the only effective counter to a growing power, and more sophisticated techniques used by establishment mass media to falsify, misrepresent, misquote, rule out of consideration as a priori ridiculous, or simply ignore and blot out of existence: data, books, discoveries that they consider prejudicial to establishment interest..." (William S. Burroughs and Daniel Odier, "The Job", Viking, New York, 1989) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Contents Copyright (C) 1995 The Journal Of American Underground Computing and/or the author of the articles presented herein. All rights reserved. Nothing may be reproduced in whole or in part without written permission of the Editor-In-Chief and/or the author of the article. This publication is made available periodically to the amateur computer hobbyist free of charge. Any commercial usage (electronic or otherwise) is strictly prohibited without prior consent of the Editor, and is in violation of applicable US Copyright laws. To subscribe, send email to sub@fennec.com %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% DISCLAIMER AND NOTICE TO DISTRIBUTORS - NOTE: This electronic publication is to be distributed free of charge without modifications to anyone who wishes to have a copy. Under NO circumstances is any issue of this publication, in part or in whole, to be sold for money or services, nor is it to be packaged with other computer software, including, but not limited to CD Rom disks, without the express written or verbal consent of the author and/or editor. To obtain permission to distribute this publication under any of the certain circumstances stated above, please contact the editor at one of the addresses above. If you have intentions of publishing this journal in any of the ways described above, or you are in doubt about whether or not your intentions conflict with the restrictions, please contact the editor. FOR A COPY OF THE REGISTRATION FORM, MAIL - form1@fennec.com This publication is provided without charge to anyone who wants it. This includes, but is not limited to lawyers, government officials, cops, feds, hackers, social deviants, and computer hobbyists. If anyone asks for a copy, please provide them with one, or mail the subscription list so that you may be added. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% TABLE OF CONTENTS [File #1:] Is There A Santa Claus Unknown What Do People Think Unknown .SIG Heil K. K. Campbell WWW - The Junkyard Of The Internet Ram Samudrala Austin (Tx) Zeen Scene Josh Ronsen Object Technology In Cyberspace Chris Hand [File #2] Deadkat Deadkat EFF Personnel Announcement Stanton McCandlish Reader Feedback Our Reader(s) Call Security / Voice Crypto FAQ Neil Johnson There's A Body On The Internet Uncle Bob's NN #103 [File #3] Windows And TCP/IP For Internet Access Harry Kriz [File #4] Windows And TCP/IP For Internet Access (Cont...) Harry Kriz [File #5] Say What? Libel And Defamation On The Internet Eric Eden Jacking In From The "Back From The Dead" Port Brock Meeks Announcing Slipknot Felix Kramer [File #6] Telecommunications Security Howard Fuhs [File #7] Old Freedoms And New Technologies Jay Weston Information Superhighway: Reality Reid Goldsborough Internet Tools Summary John December LOD T-Shirts Chris Goggans [File #8] Interview With Erik Bloodaxe (Chris Goggans) Netta Gilboa [File #9] Review Of Slipknot 1.0 Scott Davis cDc GDU #18 Swamp Ratte My Letter To Wired Magazine Scott Davis [File #10] Caller ID FAQ Padgett Peterson The Pentium Bug War Ends As We Know It James/Ted Barr Pentium Non-Disclosure Agreement Of Dr. Nicely Thomas Nicely The Computer Nevermore [A Late Christmas Tale] Unknown Twas The Night Before Star Trek [Another One] Unknown Santa Claus Source Code [The Last Late X-Mas Tale] Unkown [File #11] My Life As An International Arms Courier Matt Blaze An Open Letter To Wired Magazine Chris Goggans When Bigotry Outpaces Technology Douglas Welch Letter From Steve Case: Child Porn On AOL Steve Case [File #12] Lee Harvey Oswald Died For Your Sins Gordon Fagan %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  [Editor's note: Since we did not come out with an issue anytime near Christmas, I am throwing all of our holiday stuff in first. Have a great year] IS THERE A SANTA CLAUS? By: Unknown As a result of an overwhelming lack of requests, and with research help from that renown scientific journal SPY magazine (January, 1990) - I am pleased to present the annual scientific inquiry into Santa Claus. 1) No known species of reindeer can fly. BUT there are 300,000 species of living organisms yet to be classified, and while most of these are insects and germs, this does not COMPLETELY rule out flying reindeer which only Santa has ever seen. 2) There are 2 billion children (persons under 18) in the world. BUT since Santa doesn't (appear) to handle the Muslim, Hindu, Jewish and Buddhist children, that reduces the workload up to 15% of the total - 378 million according to Population Reference Bureau. At an average (census) rate of 3.5 children per household, that's 91.8 million homes. One presumes there's at least one good child in each. 3) Santa has 31 hours of Christmas to work with, thanks to the different time zones and the rotation of the earth, assuming he travels east to west (which seems logical). This works out to 822.6 visits per second. That is to say that for each Christian household with good children, Santa has 1/1000th of a second to park, hop out of the sleigh, jump down the chimney, fill the stockings, distribute the remaining presents under the tree, eat whatever snacks have been left, get back up the chimney, get back into the sleigh and move on to the next house. Assuming that each of these 91.8 million stops are evenly distributed around the earth (which, of course, we know to be false but for the purposes of our calculations we will accept), we are now talking about .78 miles per household, a total trip of 75-1/2 million miles, not counting stops to do what most of us must do at least once every 31 hours, plus feeding and etc. This means that Santa's sleigh is moving at 650 miles per second, 3,000 times the speed of sound. For purposes of comparison, the fastest man-made vehicle on earth, the Ulysses space probe, moves at a poky 27.4 miles per second - a conventional reindeer can run, tops, 15 miles per hour. 4) The payload on the sleigh adds another interesting element. Assuming that each child gets nothing more than a medium-sized lego set (2 pounds), the sleigh is carrying 321,300 tons, not counting Santa, who is invariably described as overweight. On land, conventional reindeer can pull no more than 300 pounds. Even granting that "flying reindeer" (see point #1) could pull TEN TIMES the normal amount, we cannot do the job with eight, or even nine. We need 214,200 reindeer. This increases the payload - not even counting the weight of the sleigh - to 353,430 tons. Again, for comparison - this is four times the weight of the Queen Elizabeth. 5) 353,000 tons travelling at 650 miles per second creates enormous air resistance - this will heat the reindeer up in the same fashion as spacecrafts re-entering the earth's atmosphere. The lead pair of reindeer will absorb 14.3 QUINTILLION joules of energy. Per second. Each. In short, they will burst into flame almost instantaneously, exposing the reindeer behind them, and create deafening sonic booms in their wake. The entire reindeer team will be vaporized within 4.26 thousandths of a second. Santa, meanwhile, will be subjected to centrifugal forces 17,500.06 times greater than gravity. A 250-pound Santa (which seems ludicrously slim) would be pinned to the back of his sleigh by 4,315,015 pounds of force. In conclusion - If Santa ever DID deliver presents on Christmas Eve, he's dead now. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% WHAT DO PEOPLE THINK? [Editor's Note: This was sent to us from a person who thought this was funny...and indeed it was. But I was blown back by trying to discover how (or WHAT) this person was thinking... In order not to reveal any company or the stupidity of some people, I have deleted the name of the author, and removed the name of the computer company and replaced their name with [COMPUTER COMPANY]. The company is a Fortune 500 company in Texas. Subj: [COMPUTER COMPANY] Suggestion Box Date: 94-11-11 18:49:05 EST From: xxxxxxxxx To: [COMPUTER COMPANY] Sysop To: Sysop Sent on: America Online (using WAOL 1.5) Field 3 = I would like for [COMPUTER COMPANY] to send me a free MultiMedia Computer, Monitor, printer, mouse, and modem. I need the equipment to start my own Charter business, but I am furloughed (pilot) and can't afford the equipment. I'll be happy to pay for it when I am able. Please send the equipment to: [name and address deleted to avoid terminally embarrassing the poor idiot] I thank [COMPUTER COMPANY] in advance for its generosity. xxxxx Here is their response: Subj: Re: [COMPUTER COMPANY] Suggestion Box Date: 94-11-11 23:22:00 EST From: xxxxxxxxxx To: AirLnPilot CC: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Sent on: America Online (using WAOL 2.0) While [COMPUTER COMPANY] understands your situation completely, certain regulations delineate proper handling of requests of this nature. Therefore I am forwarding your message to the appropriate agency. You may want to follow up with them - the address is: Mr. S. Claus North Pole, Earth Please direct any addition requests of this nature directly to this department to avoid unnecessary delays, especially here at the end of the fiscal year. Glad I was able to help, Sincerely, xxxxxxxxxxx [COMPUTER COMPANY] %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% .SIG HEIL Holocaust revisionism goes up in flame wars By K.K. Campbell It was 56 years ago today that Germans awoke to find the Nazis had spent the night terrorizing Jews and destroying property in something called "Crystal Night." It was a trial-run pogrom for the Holocaust to follow. Once upon a time, net.news (the Internet's public discussion forums) was swamped with flame wars about the Holocaust. They'd be found anywhere -- in newsgroups like alt.conspiracy, soc.history, soc.culture.canada, misc.headlines, alt.individualism etc. One of the most persistent Nazi-apologists, Dan Gannon (dgannon@banished.com), wildly spammed Holocaust-denying material, either not understanding or not caring about netiquette -- that is, you post appropriate material to appropriate groups. Thousands, from dozens of newsgroups, complained. Gannon's posts were bad enough, but they always brought rebuttal and endlessly repeated arguments. Today, most of these debates are found in one newsgroup: alt.revisionism -- dedicated to discussing "Holocaust revisionism," the claim that the Nazi extermination of Jews and other distinct peoples is a "hoax" exacted upon millions of unwary non-Jews. Anti-racist and anti-fascist online activists continue to track Gannon and his pals around the 9,000-odd newsgroups. One such hunter is Canada's Ken McVay (kmcvay@oneb.almanac.bc.ca). McVay, 53, came to Canada in 1967 from the U.S. and is now a Canadian citizen (holds dual citizenship). He's Canada's foremost online anti-revisionist warrior. I've been reading his stuff for years. TRUE COLORS "When I first got started on this, everyone was sort of out there on their own," McVay told eye in a phone interview from his Vancouver Island home. "Almost by accident, working groups started coordinating their efforts." McVay works closely with Danny Keren (dzk@cs.brown.edu) and Jamie McCarthy (k044477@hobbes.kzoo.edu), among others. The goal is not censorship. "I am absolutely, unequivocally opposed to any kind of censorship," McVay says. This is a real shift in McVay's thinking. I vividly recall reading McVay his posts from about two years ago, where he'd vehemently defend Canadian anti-hate speech laws. "I don't anymore. I think it's the biggest possible mistake." What changed his mind? "Dealing with these guys on a daily basis for over two years. Seeing how easy it is to shoot them down. And it is. The most intellectual among them are stupid and completely inept when it comes to historical research. And, of course, they are liars. That being the case, why on Earth would anyone want to shut them up or force them underground? I want to know who I'm dealing with. I want to know where they are. And I want to know how their minds work." To see their true colors, McVay and compatriots badger and prod revisionists until they drop the scholarly pretense by, say, calling McVay a "Jew-lover" or complaining Hitler unfortunately missed the parents of some Jewish netter. It happens regularly. "These online discussions are not aimed at getting Gannon and his pals to change their minds," McVay says. "That ain't gonna happen. It's to reach the rest - - such as the new users that pop up every September in universities and stumble on this stuff. Many don't know how Nazis operate. Most racists don't go around with a little patch on their shoulder proclaiming: `I hate Jews, or blacks, or natives.' But it's there. We work to bring it out in the open." A.R. AS TESTING GROUND McVay and company are working on putting together a book, a primer on Holocaust-denial techniques. (He hasn't approached a publisher yet.) You often see the results of this ongoing research in alt.revisionism . McVay chuckles about having rabid anti-Semites ever at hand to help write it. "We throw out a chapter when we think it's done, content-wise. If the revisionists ignore it completely, then we know it's finished. If they respond, we say, `Ah! We missed that trick, calling a maple tree a Porsche.' So we add that argument in." A month later, they upload the chapter again. McVay says the "classic" revisionist tactic is misrepresentation of text. Outright lies. "They'll cite a historical text: `K.K. Campbell says on page 82 of his famous book that nobody died at Auschwitz.' Then you go to the Library of Congress and look up K.K. Campbell, page 82, and what you find he really said was, `It was a nice day at Dachau.' They get away with this because they know goddamn well most people don't have time to rush off to the Library of Congress. But people read that and say to themselves, `Who would lie about such a thing when it's so easy to prove them wrong? They must be telling the truth.' " The years of refutation have resulted in anti-revisionists transcribing mass amounts of death camp evidence and testimony into computer text files. McVay saved them. Soon netters requested the material. It began to take up so much time, he automated the process. You send an email request, the computer sends you back the file(s). The archive is now maybe 60 megs and may swell to over a gig in 1995. Write email to listserv@almanac.bc.ca with the message GET HOLOCAUST/INDEX -- you'll be sent a huge index of Holocaust files (other files, too, on fascist racist-right groups). If you like the convenience of gopher, check out jerusalem1.datasrv.co.il . Revisionists often assert McVay "secretly" gets operating funds from Jews. "I don't," McVay says. "The hard-drives are spread out on a table with a Canadian Tire fan blowing right at them. I can't afford to replace things, if it breaks, it's gone. However, I'm upfront -- if I get support money, I'll take it, Jewish or not. The fact that a Jewish organization would offer several grand to help wouldn't change the value of the historical data." He'd like to put it all on CD-ROM. "The Internet has to be a revisionist's worst communications nightmare," McVay says. "They can't ignore it, because, as you and I know, in 10-15 years everyone in North America is going to read stuff through the Internet. "And that's the beauty of the Internet: once it's refuted in an honest and academic fashion, you can't run away from it," McVay says. When the latest revisionist recruit charges in with the same old pamphlets, it's almost effortless for anyone to request a file and reply: "We covered this two years ago. Here is the massive refutation of that so-called scholarly report." It's there. For everyone. Forever. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Retransmit freely in cyberspace Author holds standard copyright Full issues of eye in archive gopher://interlog.com Coupla Mailing lists available http://www.interlog.com/eye eye@interlog.com "Break the Gutenberg Lock..." 416-971-8421 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% THE WORLD WIDE WEB - The JUNKYARD OF THE INTERNET By Ram Samudrala (ram@mbisgi.umd.edu) [Author's Note:] I am not completely happy with this, especially the second part, because when I started writing this I had a lot of ideas about it and now I seem to have run dry. But I went ahead and finished it anyway, before I lost all interest. Feel free to post this wherever... For those of you who are familiar with the workings of the web, you can skip to The Junkyard of the Internet. ------ The World Wide Web About a year or so ago, there were about 500 HyperText Transfer Protocol (HTTP) servers on the World Wide Web (www). Now, every other person on the Internet with some basic computing experience can install their own server and provide information (I'm using the world quite liberally here) to the web. I wonder if Tim Berniers-Lee, the person who started the www project at CERN, really thought it would become the thing that revolutionized the Internet and end-user computing. And this issue, the ability to put yourself on a soapbox and be heard by the world, and the subsequent consequences, is what I will attempt to address here. First, what does the www give us that we didn't have before? By posting on USENET news, for example, you're probably heard by a lot more people than having a web server. Well, the main difference is that anything you posted normally was lost within in a few days, so your ideas didn't stay around long enough for everyone to assimilate. On the web, your pages are permanent, and you can promote them as much as you want and people will continue increasing the accesses made. But the www project would probably be doomed without the software that keeps everything working. Almost every w^3 browser I've used has been of high quality (which is absolutely crucial), but one of them, NCSA's Mosaic, stands out in terms of availability and accessibility for a variety of problems. Marc Andreessen wrote Mosaic for X and it spread like wildfire when NCSA released free versions of mosaic not just for X, but for a variety of other platforms, again, about a year ago (September). A friend of mine referred to it as "The Program of the Gods". I happened to get seriously addicted to the www at the beginning of this year, but I got over it soon. I then realized that all one needed was an anonymous FTP server set up and they could serve documents to the www. I did this initially, and this is yet another design decision that has been crucial---the www incorporates several existing information retrieval mechanisms out on the net, primarily gopher and ftp. I never thought gopher would be a big hit, and with the advent of the numerous w^3 browsers for almost any imaginable platform, there really is no need for gopher clients and why have a gopher server if you can get a http one up running just as easily? There is only a small (depending on how aesthetically pleasing you want your pages to look like---one can waste hours making things look pretty) overhead involved in converting plain documents to the HyperText Markup Language (HTML), the language that www browsers understand and use to format your text. Philosophically, the idea behind the www simply takes Unix philosophy to the extreme. The whole Internet is abstracted as a gigantic file system, and HTML allows you to specify any object on the Internet, be it a movie of comet Shoemaker colliding with Jupiter, gifs of paintings by Dali, a song you recorded on your 4-track that you have a soundfile of, or things you should know before you delve into linear and non-linear programming, by linking the locations of these objects to an anchor of your choice. And like Unix, a link could be anything, including other programs, telnet /news/mail/ftp/gopher ports, or just another section of a document. The touch of button that activates the anchor is all you need to access any particular link---the software figures out the rest for you---if it's a soundfile, it'll play it. If it's a movie or a picture, it will bring up the appropriate viewer, and so on. The Junkyard of the Internet This is all very nice, but what it lets you do is also access the latest porn clip, let you see gifs of Kurt Cobain's shotgunned face, contact your favourite astrologer for a consultation on-line, and do on-line shopping. I'm not going to pass judgement on whether these things are "wrong", but as the web grows, it is clear that it is the entertainment side of the web that is thriving. Megadeth is probably is one of the first groups to commercial go all out to advertise a release on the w^3 (the CD comes with a sticker saying "check out Megadeth, Arizona at through the www at http://bazaar.com or through FTP" (or something like that), and while Megadeth, Arizona is a cool place to visit, it is akin to the junk mail with colourful pictures that you receive in your postbox. It is propaganda. There are a lot of advantages to having entertainment information available on the net---but it also results in a lot of spam. And this is evident not only on the w^3, but also in the USENET newsgroups, where the commercial Internet provider industry thrives as millions of subscribers come on line and run amok. A few months ago, an advertisement on the net would've been flamed to ashes. Now there is a weak response, but the people who opposed this are fighting a losing war. Advertisers continue to spam the net. Not to mention the increase in the number "job wanted" or "items for sale" ads in completely inappropriate newsgroups. The number of inane USENET groups created for local objects of worship (I am guilty of this) are numerous. The ease with which computers can transmit hypermedia (pictures/movies/sounds) has not only furthered the www revolution but is pushing bandwidth to its limits (a state that we may perpetually exist in). All this has contributed to an increase in the noise:signal ratio on the net as a whole, but particularly in USENET newsgroups and the www. As w^3 usage increases, and it becomes more flexible to incorporate some sort of a BBS-type system, like USENET, or USENET itself, in www browsers, then we will see a exodus from the traditional forms of Internet use to w^3 use, just as there is a movement from people typing stuff at the prompt to clicking buttons on the mouse to perform local tasks. In fact, I predict that many people simply won't even figure out how to FTP or read news from the prompt, just like many people don't figure out how to do send mail from the prompt and instead type in a number or click on the mail icon for their favourite mailer, since they can do this at the click of a button. Again, this isn't necessarily A Bad Thing. What this means, however, is that there will be a dichotomy that will exist on the Internet. There will be people who can navigate the Internet only with help of the www and there will be those who can do both, i.e., use the prompt to do stuff. The advantages that the people who do have access to the internal workings of the system is left to your imagination. But what this is also leading to is the concentration of all the spam on the several networks that compose the Internet to the w^3, and hopefully it will leave the traditional forms of Internet use as it were. Commercial advertisers are more likely to find the w^3 a more viable medium to display their wares than making ephemeral postings on USENET newsgroups, especially given the capability for multimedia plugs. People, visionaries and otherwise, can put forth their agenda with ease. Real information will be much harder to find even with tools like the Web Crawler. All this will result in The Program of the Gods becoming a metal detector. Not everything has to be negative: the ability to reach the masses in an unprecedented way will also hopefully lead to an information revolution, where information will be made available free (this is evident in the www pages of the two camps of the San Francisco newspaper strike). It will lead to independent reporting of events, and even though these will be biased, the perceiver, facing many alternatives, can discern the relevant bits themselves. The www, more than anything else, will lead to a society where information is free. While I have always been for this, I just realized it comes with a price---lots of noise. But this might push us to developing better software that will allow one to filter signal from noise in a efficient manner. And then of course, there's the issue of speed---there is nothing like the net for receiving the latest information on the fly. Sure, it might be tainted, but when one's working and if, for example, one wants to check what the latest election results are (why one would want to do this is another issue), just get on your local newsgroup and post a message, if there isn't already a continuous thread going on. And of course, we all know how the www let us view the pictures of Shoemaker/Jupiter collision almost as it happened. This is probably the greatest advantage of maintaining a net-lifestyle. No longer do we have to rely on one or two view points---you can select among several and information is made available as soon as it is disseminated. And what about the incorporation of computers and networking into our lifestyle? We're holding the First Protein Folding Competition in Asilomar, CA, and the top priority is making sure we have access to the Internet. We would be basically lost without this access, i.e., without being "plugged in". It is interesting how life has changed for some of us. 5 years ago, I hated computers and now I cannot go for a few hours without having access to one. Visions of cyberspace as portrayed in the cyberpunk genre are still far away in reality, but a similar affect seems to have been achieved by the people who exist on the net. Disclaimers: the Internet isn't just about the USENET or the w^3. I'm addressing only certain aspects of it. ram@elan1.carb.nist.gov ...because you believe that science is the greatest achievement so far of the human race and its long term best hope for survival and enlightenment. ---John Moult %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% AUSTIN ZEEN SCENE By Josh Ronsen (rons@quads.uchicago.edu) Here are some Austin zeens I've read recently. I am somewhat surprised on how good so many of these are, considering the somewhat stale nature of Austin's music scene. I've recently posted to alt.zines the Austin Zine Guild's "Scratch Paper" #2, which is more of an overall commentary on Austin Publications rather than reviews of individual zeens as this is. Email me if you missed SP #2, and I will send it to you. PEEK-A-BOO #10: This marks the recovery of Peek-A-Boo from a flirtation with blandness in recent issues, the sex issue, the Halloween issue, back to the glory of it's first bunch of issues. Lots of personality and personalities in here. An interview with Blast Off Country Style, a "scene girl" report (hopefully to become a regular column) on cute boys at a Jon Spencer show (which I missed, damnit!), and a page of stuff from the women who do the wonderful zeen MTM (see below), including a dream featuring Joan Jett, are my faves in this ish. Plus cool comic and xerox artwork. P-A-B is free in Austin, so I guess send them a dollar at 305 W. 39th St #107, Austin, TX 78751. They also claim to have email at boo-key@mail.utexas.edu SAD #1: I just picked this up today, and I like it lots. It's kinda tiny and is all about (surprise) sadness: people who are sad, music that is sad, and three pages of the sadder entries in Kafka's diaries (really!). Very well done. The four music reviews, Joy Division, Idaho, Bedhead and Timco, are rated by how likely their members are to off themselves. Nice touch. Cheer up the sad publisher and send 2 stamps to 704 W. North Loop, Austin, TX 78751 MTM #3: Another really fine Austin zeen! What's going on here? Is it something in the water? I missed #'s 1 and 2, and deeply regret it. A number of interviews here, with 7 Year Bitch, Glorium and two guys from Ken's Donuts. I love the witty, irrelevant questions and answers in the interviews. The other stuff has some very humorous and spirited writing, including the two editors, Lula and Alabama, trading stories of weird incidents in their lives, a page of "Uppity Women" you might not be aware of, but should (I didn't, but now I do), and an expose on a local strip club. This is another freebie, so sent $1 or stamps for this or a future issue to 2834 Salado B, Austin, TX 78705. RETICENCE AND ANXIETY #3: I think #4 just came out, but this is the first one that I've gotten (for the somewhat slimy reason that it was the cheapest). Written by lesbian lovers (is that really important for me to mention? They refer to the two interviews in #3 as being with "queer men", so I can call them "lesbians", can't I? Well, I will and there's nothing you can do about it!) who write under the pseudonyms R. and A. (this *is* Texas, you know, not that there is any bigotry or intolerance around these parts, not here!) This is very well written, with moving and interesting accounts of their first days after moving to Austin, coming out to one's grandmother, dealing with unsympathetic (and downright hostile!) parents and... Having two wonderful, intelligent, loving parents, I am always surprised to hear how shitty other parents can be. Anyways, interviews with film-maker Todd Haynes (after reading this I really want to see his film "Poison") and David Wojnarowicz (whose interview I have not read yet). Some political articles, A.'s liking for some Heavy Metal, and a photo and commentary of Chris Carter of Throbbing Gristle round everything up. All in all, an interesting look into two people's lives. Sometimes it is difficult to separate writing like this from fiction (I read a lot of fiction). After all, what is the difference between writing from someone you do not know and a first-person fictional narrative? R&A makes clear this difference. $2 and 2 stamps to PO Box 2552, Austin, TX 78768. The other issues have differing prices, so just send them lots of cash, that's all I'm saying. ALCOHOL, DRUGS, AND DRIVING #1: There are more issues, but I haven't read any, and I'm not very thrilled with this, and not just because of the multi-page feature on the guy who gunned down 40 people from the UT Tower years and years ago. I think this is unequivocally inferior to my zeen, unlike everything mentioned above and probably below, and I have a problem with anyone who does something worse than me. I mean, if I can do something, surely you can do it better. Also they guy's address is not in the issue, so I have to look it up in Scratch Paper #2: oops, it's not in their either, so if you really want this, you have to come down to Austin and get it for yourself. MONK MINK PINK PUNK #2: This is my zeen, and it is not out yet despite rumors to the contrary. When it does come out (don't hold your breath), expect interviews with prolific punkers God Is My Co-Pilot, and story-teller Juliana Leuking. Also expect a unique and exciting format, which is under secret development in what is only known as "Josh's Bedroom" (it's worth spending a night there) (anyone who gets this reference I'll send you a prize). Email me for details on #1, of which I am quite proud of, and of which I have, well, more than a few copies left. I have been getting a lot of promo stuff in the mail from MMPP's not unfavorable Factsheet 5 review, including anti-rock Christian literature (wow, those arguments were really convincing; I'm burning my record collection tomorrow!), lollipops from Atlantic records to entice me to go see a Melvins show, and a few actually good records! ASIAN GIRLS ARE RAD #'s 1-10: A very amusing fetish zeen on the beauty and wonder of Asian chicks. Sounds disgusting and perverted? Well, it's actually quite cute and endearing. I always enjoy this...as an anthropological study into intercultural relations, not because I'm...you know...you're not buying this, are you? Anyways, Dave writes a lot about his life, cool moms, astronomy, taking classes, dishwashing, washing dishes with Asian girls and... Like an old friend, but only $1 a back issue. #7 has a Shonen Knife review, and a picture of them reading AGAR...wow! (When God Is My Co-Pilot read my zeen, they verbally harassed me for not liking Elliott Sharp, really!) AGAR c/o David O'Dell, 707 W. 21st St, Austin, TX 78705 LAZY WAYS #1 (?): Marc just sent me his zeen as a trade for mine, so right off the bat you know he is cool, although he does not live in Austin. Lots of gloriously positive admiration for many indie-pop bands that don't seem to get mentioned very often, something which I really admire. One more article on Sebadoh and I will barf! Stuff here on Allen Clapp, Bomb Pops, Musical Chairs and many more bands I have never even heard of (and I read every issue of the Indie-(Music Mailing)-List). Hurrah! Marc really likes this stuff and his enthusiasm only infects me with the same, despite the fact that I've probably listened to too much of this kind of music already. $2 to Lazy Ways, PO Box 17861, Plantation, FL 33318. BLIND STUMBLING AFTERLIFE by Elisabeth Belile: This is not a zine and is not from Texas, but is so marvelously wonderful that I must rant and rave about it. Belile writes/produces some of the best and most rewarding poetry that I've read in years, if not ever. Her stuff is very dada/surreal, and seems to be the product of some cut-up process that is not explained. Not stream-of-consciousness, but cut-up. I would quote the entire thing if I could, but my fave (since getting this just today): "These are the politics of my dream: 1. Crush Beauty 2. Spit It Out! 3. Plagiarize -- go naked for a sign! 4. Appropriate when appropriate 5. Follow and run on angel's clocks 6. Command them to call you, *now*." The book is one long four-part poem, with a (not meaning to make it sound trite) a strong feminist bent to it, esp the last two parts. I really have not pondered on it's meaning yet, just enjoyed the beautifully powerful juxtapositions of words and phrases. This is must-read stuff. $4 -> Broad Press, 2816 Avenel St, LA, CA 90039. While on the subject, BSAL, good as it is, no where near approaches the power, the emotional malaise, the surrealness of the other book I've read from Belile, called "AFTER WITH HOPE", which is a chap book, and quite an amazing one at that. I do not have the words to describe how great this , so just trust me or email me for more info. $4 -> We Press, PO Box 1503, Santa Cruz, CA 95061 Thanks to anyone who has read any or all of this. I wrote this not only because I really like most of these publications, and want to see them thrive and prosper, but also because I am generally too shy to write to these people myself to praise their efforts. I figure if I can turn anyone on to any of these, and they send letters of praise, well, that's just about the same, right? Peace, Josh Ronsen rons@midway.uchicago.edu ps: I am in Austin despite the email address... %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% PRESS RELEASE: Object Technology in Cyberspace By Chris Hand (cph@dmu.ac.uk) FOR IMMEDIATE RELEASE Contact: Chris Hand, De Montfort University. Fax +44 116 254-1891. e-mail: cph@dmu.ac.uk ** A Hypertext version of this Press Release is on the World-Wide Web ** ** at http://www.cms.dmu.ac.uk/Research/OTG/Online/pr1.html ** ________________________________________________________________________ OBJECT TECHNOLOGY MOVES INTO CYBERSPACE Leicester, England -- 28th November 1994. De Montfort University's TaTTOO'95 conference to be held in January will feature the world's first commercial exhibition held in Cyberspace. A number of companies world-wide have already expressed an interest in sponsoring a stand in the Virtual Exhibition Hall, where anyone on the Internet will be able to browse on-line product information and chat in real time with company representatives. "This will be just like a `real-life' trade exhibition, but without the hassles of travelling long distances or struggling through the crowds", says Chris Hand, organizer of the Virtual Conference. "Exhibitors will benefit since they won't have to worry about travelling costs or time away from HQ. In fact, it will be possible for one exhibitor to work on several stands simultaneously. The potential for events of this kind is enormous." Advertising space will be available both in the Virtual Exhibition hall and on an integrated World-Wide Web server. Other on-line events planned to run alongside the real-life conference include a Virtual Press Conference and Discussion to be chaired by Eric Leach of the Object Management Group, and tutorials on working within object-oriented virtual environments. Internet users will be free to mingle on-line with the TaTTOO'95 delegates and speakers. Alan O'Callaghan, conference organizer, adds: "With the recent investments in Object Technology by giants such as IBM, it's now more important than ever that we bring the message to as many people as possible. The Virtual Conference will allow us to do this. OT is moving so quickly now that if you're not on-line to it you could easily miss the wave." More details on the on-line events are available from Chris Hand (e-mail: cph@dmu.ac.uk) and Mark Skipper (mcs@dmu.ac.uk), fax. +44 116 254-1891. WWW: http://www.cms.dmu.ac.uk/Research/OTG/tattoo-online.html Background TaTTOO (Teaching and Training in The Technology of Objects) is an international conference which in 1995 will be held in the Queens Building, De Montfort University, Leicester on 4-6 January. TaTTOO'95 follows the highly successful inaugural event in 1994 which was attended by 185 delegates from academia and industry in the UK, USA, Sweden, France, Holland and Germany. More information: e-mail: tattoo@dmu.ac.uk WWW: http://www.cms.dmu.ac.uk/Research/OTG/tattoo.html De Montfort University is recognized by the World Bank as the fastest growing university in Western Europe. A distributed university with sites in Leicester, Milton Keynes, Bedford and Lincoln, DMU is pioneering the use of Video-Conferencing and Internet services by staff and students. The School of Computing Sciences, well-known for its expertise in Object Technology, has been operating a World-Wide Web server since 1993.----------------- DEADKAT [Editor's note: This stuff here is published to humor you. We do not in any way condone cruelty to any animal. This was found when one of our editors randomly fingered an account. If you've been into the hacking/phreaking scene for a while (at least since the 80's) like us (the editors) you will understand all of this...if not, just read it.] [GeeK-Speak mode: ON] (#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#)(#) (#) (#) (#) /|narkiztik / \ ^ / ONE OF THOSE GREENPEACE OR SPCA FAGGOTZ THEN PHuCK YEW | | PANZIE, GO WATCH 101 DALMATIONS OR SUMTHING @!!@# / \ ====================================================== | . . | (" " ) ONE OF MY FAVOURiTE METHODZ OF KAT EXTERMINTATION IS A PLAY ON THE OLD HOCKEY KARD IN THE SPOKES OF YER BICYCLE TO MAKE A KEWL SOUND THING, IF YEW HAVE NEVER DONE THIS BEFORE WHAT ESSENTIALLY YOU DO IS AFFIX A HOCKEY KARD TO YER SPOKES AND AS YOU PEDAL IT MAKES A KEWL KLICKING SOUND.. WELL THIS IZ FOR PANZIE FAGGOTZ #@!@ IF YER KEWL WHAT YEW DO IZ TAKE A LiVE KAT aND AFFIX IT TO THE SPOKES OF YER BIKE AND PEDAL AROUND TOWN VIGOROUSLY, NOT ONLY DOEZ IT SOUND KEWL BUT ALSO YOU GET SUM CHOICE LOOKZ FROM ANYONE YOU HAPPEN TO PASS BY !@#@! [NoTe: Thiz method will not work on bikes without spokes, ie: big wheels, if you own a big wheel: get some skipping rope and tie one end to the kat and the other end to the back of your big wheel, position yourself at the top of a big hill and pedal downward vigorously] ANOTHER FAVOURITE OF MINE REQUIREZ ACCESS TO YER SCIENCE TEACHERS STOREROOM OR SOMEPLACE WHERE YOU KAN AQUIRE LARGE AMOUNTS OF PURE POTASSIUM. BASICALLY WHAT YOU DO IS SHOVE LARGE AMOUNTS OF PURE POTASSIUM DOWN THE CATS THROAT AND THEN ONCE IT IS SUFFICIENTLY STUFFED WHIP IT INTO THE BATHTUB WHEN YER MOTHER IS HAViNG A BATH OR EVEN INTO A PUBLIC SWIMMING POOL. YOU WILL REVEL IN THE XPLOSION OF KAT FUR AND INTESTINES THAT WILL RESULT FROM SUCH ELEETNEZZ.. IN KASE YOU DONT KNOW, POTASSIUM + h2o (water) kauses a minor xplosion. THE MORE PURE POTASSIUM YEW STUFF THE KAT WITH THE BETTER THE BOOM. [NoTe: Another play on this method iz to stuff the kat with the potassium and then remark to your mom that the kat looks like it needz a bath, when yer mom immerses the kat in water *B00M*.. hehe If you want to be elaborate, talk to your mom alot about spontaneous combustion, fill her head with lotz of horror stories about it then proceed with the plan... it will take her weekz to recover from the shock when FeFe goez BooM-BooM] [NoTe#2: ThiZ meth0d iz loadz of fun when you employ one of th0se panzie 'throw in yer quarterz' publik fountainz as yer detonator] DEW YEW HAVE A MIKROWAVE ?!?!? iF SO THiS NEXT MeTHOD IZ DEFINITELY THE THiNG TEW DEW ON THoZE RAiNY SUMMER DAZE WHEN YEW R BORED OUT OF YER MIND @!#@! EYE AM SURE BY NOW YEW R BORED OF MERELY JAMMiNG YER FAVOURiTE FELiNE iNTO THE MiCROWAVE ON HIGH FOR 10 MiNUTES, WELL HERE iZ A METHOD WHICH ADDZ SUM EXCiTEMENT !@#!@ WHAT YEW WiLL NEED BESiDES THE OBViOUS KAT AND MiCROWAVE iZ: a) YER MOTHERZ FAVOURiTE PEARL NECKLACE. b) A SHiTLOAD OF POPKORN KERNELZ !@#!@ STRiNG THE PEARLZ AROUND THE KAT, THROW IT IN THE MiCROWAVE AND THEN FiLL THE MiCROWAVE WiTH POPKORN... KLOSE THE DOOR, CRANK IT ON HIGH AND RUN LiKE HELL #@!# THiS METHoD iZ VERY MESSY #!@# THE RESULTANT EXPLOSION WiLL B MAMMOTH SEW MAKE SURE NOONE IZ AROUND BuT YEW WHEN YEW DEW THiS ONE !@#@! THiZ ENDZ PART ONE oF THE FELiS-MoRTiSiKON #@!# PHUCK YEW !@#@! WATCH FER MORE QUALiTY [ANuS] PHiLeZ KUMMING YER WAY SooN !@# GREETZ GOEZ OUT TEW: SKAR-TiSSUE, MuTiLaTeD-KaT [FEaR] SPECIAL GREETZ GOEZ OUT TEW ALL [FEaR] MEMBERZ @!#@! FeLiNe Exterminatorz/Anarkistik R0dentz 0H SHiT!@# THAT REMiNDZ ME, EYE FORGOT TO MENTION ANARKYKON @!# OK: ========================== = ANARKYKON '94 = ========================== EYE ARRiVED AT THE CONVENTION CENTER AROUND 5PM JUST AS SEVERED LiMB AND DEMONiKiZT WERE HEADiNG OUT TO GO TRASHiNG AT SMITH AND WESSON, LUCKiLY THEY HAD ROOM FOR ME, SO OFF WE WENT.. THE THREE OF US SPED OFF TOWARDZ THE SMITH AND WESSON BUILDING IN DEMONiKiZT's VAN AT QUITE A FRANTiC PACE ONLY STOPPING AT A RED LiGHT ONCE TO PuLL OVER AND MaCE AN OLD LADY WHO WUZ STaNDiNG ON A KURB.. OK, WE ARRiVED AT SMiTH AND WESSON JUST AZ THEY WERE KLOSING SO WE WAiTED OUTSIDE IN THE VAN UNTIL THE LAST EMPLOYEE HAD LEFT, AT WHICH POINT DEMONIKiZT LEAPED OUT WiTH SEVERED LiMB AND EYE IN TOW, WE MADE A QUIK B LiNE TO THE DUMPSTER AND EYE LEAPED iN.. SEVERED LiMB LiT A SMOKE BOMB TO PROViDE US WITH SUM DEGREE OF COVER AND QUICKLY JOINED ME iN THE DUMPZTER @!# WE SiFTED THROUGH THE MEZZ AND ALL WE GOT WERE A FEW SHELL CAZINGZ AND EYE FOUND SUM PRiNTOUTZ FER A LAZERSKOPE PLANS OR SUMTHiNG #@!# OK BACK TO THA KONVENTION CENTER #!@# WHEN WE ARRiVED WE WERE GiVEN OUR NAMETAGZ AND SHuFFLED OFF TEW A ROOM WHERE A FEW TALKZ WERE GIVEN ON TERRORIZM AND A FEW BORING LEKTUREZ ON SNEAKING INTO BUILDINGZ AND LOCK PICKING #!@ EYE RAN INTO RANCiD MEAT AT THE LEKTUREZ AND HE INVITED ME UP TO HIZ ROOM TO LOOK AT HIZ CHEMICAL WEAPONS, WHEN WE GOT UP THERE HE SUGGEZTED WE TEAR GAZ THE LOBBY, WHICH WE DID... NEEDLEZZ TO SAY THE POLIZE SHOWED AND THA KONVENTION ENDED EaRLY @!#!@ PHUCK YEW !@#@! EYE GOTTa GO NOW.. D-CeLLeRaTiON TRaUMA [ANuS] '94 $@#!$#@$@$^M %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% EFF PERSONNEL ANNOUNCEMENTS By Stanton McCandlish (mech@eff.org) FOR IMMEDIATE RELEASE Personnel Announcements at EFF. Contact: EFF: Andrew Taubman , +1 202 861 7700 The Electronic Frontier Foundation (EFF) announced today several significant personnel changes. EFF is a non-profit, public interest organization that seeks to protect and enhance the growth of "Cyberspace" (the Global Information Infrastructure) as a diverse, free, responsible and empowering environment. David Johnson has been named Chair of the EFF Board of Directors and Senior Policy Fellow of EFF. Johnson, an EFF Board member since 1993, has been practicing computer law with the Washington, DC, law firm of Wilmer, Cutler & Pickering. He has direct experience with computer networks as Chairman of LEXIS Counsel Connect (an on-line system for lawyers). He joins Andrew Taubman, Executive Director and Chief Operating Officer, who began at EFF in September of 1994. Esther Dyson has been named Vice-Chair and will serve on the EFF Executive Committee. Dyson is President of EDventure Holdings Inc., a venture capital firm focused on emerging information technologies, particularly in Eastern Europe. Dyson is a member of the US National Information Infrastructure Advisory Council, has board memberships at the Global Business Network, Perot Systems, the Santa Fe Institute, and is a founding member of the Software Publishers Association. Johnson and Dyson join David J. Farber and Rob Glaser on the EFF Executive Committee. Farber holds the Alfred Fitler Moore Professorship of Telecommunications at the University of Pennsylvania, is a fellow at the Annenberg School for Public Policy and at the Glocom Institute in Japan and was one of the creators of many of the parts that evolved into the modern Internet - such as CSNet, CREN, and NSFNet. Glaser is President and CEO of Progressive Networks, an interactive media and services company and serves on such boards as the Foundation for National Programs and the Washington Public Affairs Network. EFF co-founders Mitchell Kapor (immediate past Chair) and John Perry Barlow (immediate past Vice-Chair) remain Directors and will continue to participate actively in the development and implementation of EFF policy programs. Also announced, Jerry Berman, who held the position of Policy Director, has left EFF. Janlori Goldman and Daniel Weitzner, who have worked closely with Mr. Berman over the years, and other policy staff members, also have left to establish with Mr. Berman a new organization to be called the Center for Democracy and Technology (CDT). EFF wishes CDT success in its new venture and thanks Jerry and his colleagues for their substantial contributions over the past three years. In 1995, EFF will continue to pursue its policy mission of protecting the health and growth of the global computer networks. The 1995 policy agenda includes such projects as an innovative new "State of the Net" report; studies of the implications of the global nature of the net for jurisdictional and governance questions; a study of the protection of intellectual property on networks; and efforts to preserve the free flow of information across the Global Information Infrastructure. EFF expects to continue to intervene actively to counter threats to computer-mediated communications networks, and virtual communities, such as limitations on the use of cryptography and intrusions into personal privacy, as it has in previous years. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% READER FEEDBACK [Editor's note: This is a response form one of our readers in reply to the 'Porn On The Net' article we ran in the last issue] By Michael Stutz (at118@po.cwru.edu) Hello-- I didn't see a Letters section in this issue [vol i, issue 6] and I really hadn't intended on writing one, but that article -- Paul Pihichyn's rant on porn -- was so stupid I had to say *something*. Calling it all those names ("filth," "slime," etc) made it immediately suspect. What are these things he's talking about? Naked people. People without their clothes on. What's so filthy and slimy about that? Nothing. His fears about exposing porn to children are silly; what children know how to uudecode, assemble and view an image? None that *I* know. Besides, what would happen if a child saw a picture of a naked woman? What would happen? Probably nothing much. Maybe (s)he'd laugh, I don't know. While I'd hardly recommend throwing porn into the laps of kids, we have to remember that it doesn't do much for them, either. We're all naked and we all have sex. That this guy suggested that we don't 'need' groups like alt.sex is more than ridiculous -- it tells me that there's a lot of people out there (like him) who need help. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% CALL SECURITY, PUBLIC KEY VOICE CRYPTOGRAPHY FAQ By Neil Johnson (njj@pokey.mc.com) Call Security, Public Key Voice Cryptography FAQ ------------------------------------------------ Call Security is a shareware program which provides public key cryptography for voice telephone conversations. In other words private phone conversations. Like as in voice scrambling. All you need is a modem, a sound card, PC, and someone to talk to (with the same). This my first version of the Call Security FAQ. Its very brief but should get you going if you plan to use it. If you have suggestions, comments, or criticism, please let the current editors know by sending e-mail to njj@mc.com. Things like, bugs, sound card how to, modem init. strings etc... are especially welcome. Many thanks to David Colston, Charlie Merritt the authors of Call Security. These guys have been sharing info with me regarding this program in the many months prior to its release. This is the very first & rough draft version of this faq. Some things are sure to be missing, just plain wrong, etc... Your get the point. Trust only what can you verify yourself. This faq is actually bound to create more questions than it answers. Hopefully it gets you to use Call Security. Call Security FAQ Author Neil J. Johnson, email njj@mc.com Table of Contents ----------------- 1. Overview, what is Call Security? 2. How well does it sound? 3. What kind of hardware do I need? 4. Where do I Get Call Security? 5. Quick, can you tell me how to run it step by step? 5.1 Ok how do I stop talking now? 6. How Does It Work? 7. What public key algorithm does it use? 8. Is it really secure?, You, decide! 9. Is it safe to give them my public key when i upgrade from shareware (512 bit key) to the registered version (1024 bit key)?, Yes, its only the public key! 10. How do I set up my sound card? 10.1 How do I set up my Gravis Ultrasound? 11. My modem is full duplex why isn't Call Security? 12. Are there any bugs in the program? 13. Where do I get DSZ or GSZ for doing Zmodem transfers with Call Security? Answers to Questions -------------------- 1. Overview Well Call Security (CS) turns your ordinary PC into a very secure voice telephone. CS also works as a general purpose data comm. program with zmodem support, ansi/vt100 terminal, & regular unencrypted digital voice. Call Security is also a general purpose public key cryptography program for encrypting/decrypting any computer file (like email). 2. How well does it sound? The sound quality varies depending upon how many (compressed) samples per second your hardware can do. Here is a little chart. Sample rates: 7600 Acceptable 10000 sounds like good CB Radio (486 with 14.4bps modem) 16000 Real sweet 3. What kind of hardware do I need? The minimum recommended system is a 386sx with a 9600bps modem & a sound blaster compatible sound card. A 486 system with a 14.4bps modem is recommended. A 28.8bps modem is still even better! You should also have a copy of pkunzip to uncompress the program if you get a zipped copy off the Call Security BBS. 4. Where do I Get Call Security? Right now the only place to get it is at the following BBS phone number. Note I didn't see any support for kermit transfers. I recommend using zmodem protocol. Call Security BBS 1 (501) 839 - 8579 - Give your full name. - The password is "security" - Use the "d" command to download - select transfer type like "z" for zmodem (sorry no kermit support) - enter file name "callsec1.zip" - put your comm program in zmodem mode (automatic for most comm programs) 5. Quick, can you tell me how to run it step by step? - DOS stuff >mkdir callsec1 >pkunzip callsec1 >pkunzip software - I recommend printing the documents, readme.1st, security.doc, svterm.doc. - If your in windows exit now. - determine which comm port your modem is on & determine the address & IRQ. The DOS command msd.exe (Microsoft Diagnostic) can help with this task. Write this down for later. - determine the address of your sound card. Write down for later use. - If you don't have a sound blaster then put you sound card in sound blaster emulation mode. - type "security" at the dos prompt. - Your now in the security program. Select option A. Make My Own Secret & Public Keys (cursor to & hit return) - Now unfortunately CS makes public key exchange a hassle. You need to extract your public key from your key list it (& uu encode it optionally), and give it to the person you wish to talk to with CS. The first 2 steps can be done with the menu picks. The last part can be done with CS zmodem, if you happen to have the DSZ shareware program. Since this is a quick start guide lets skip this for now and use password encryption instead. If you don't want to skip the public key stuff read the documentation. - Use menu pick J. Go To Secure Voice Terminal You will be prompted for info on you modem set up & sound card setup. Just enter the info as it comes up. For sample rate select 10,000 samples per sec. for a 14.4 modem, 16,0000 for a 28.8, & 7,600 for a 9,600. Note: if you have a 386 16/SX machine don't go over 8,000 samples per second. - When your done setting the modem & sound card you will be a menu for where to go next. Hit the return key. You will be popped into the comm. program/terminal emulator. - Now it time for one person using CS select auto answer mode & the other CS to dial. - the auto answer person/side presses function key F8 - the caller does the following: press function key F6. Enter name & number of person you plan to dial. Note: field are separated with spaces, tab keys won't work. Now dial, directions are on the screen to do this (I think you just hit the return key). - The machines will now connect. Anything you type will go on their screen. Anything they type will go on your screen. Note, this text is not encrypted. - When your ready to talk hit alt-s on you key board. Then select password mode (or public key if you've done public key exchange). Each side now enters the same secret password (like hello). - On your screen it will either indicate that your listening or talking. to toggle listening/talking hit the space bar. To end the session hit the esc key. Note: it helps if you use it like a CB & say over while you hit the space key (when your done talking). 5.1 Ok how do I stop talking now? Well If your talking you must hit the space key to become the listener. To end a voice session & go back to the terminal chat mode, you must hit the key while you are in talk mode. 6. How Does It Work? In laymans terms, each person who uses CS has two keys, a matched pair. One is public & the other is private. The way program works is public key are used to encrypt voice (or computer files/email). Private keys are used to decrypt the voice. Hence know one can listen in on a conversation (or computer file/email) that was meant for you (encrypted with your public key). However you still have to trust the person you are talking to! 7. What public key algorithm does it use? No CS doesn't use the RSA [Rivest, Shamir, and Adleman] public key cryposystem as featured in PGP. A bonus feature of not using RSA is the avoidance of RSA patent restrictions. CS uses QPK Quick Public Keys by David Colston. This public key system has been reviewed by Whit Diffee, Gus Simmons (Sandia Labs), and posted on sci.crypt. On the plus side QPK is fast. On the down side the CS implementation of QPK does not support digital signatures. FYI, Digital signatures are signed with private keys & verified with public keys. Like virtually all public key systems CS uses QPK to encrypt a random (private) session key, The session key is then used to encrypt the voice conversation. This is because public key systems are too slow for realtime voice. The private (session) key encryption algorithm uses a very long many bit linear feedback shift register LFSR pattern which is xored with the voice data. To greatly increase the security, only short (many times less than the LSFR total length) sequences of this LFSR are used between transmission of a new (really) random seed for the LFSR. Hence a random seed constantly restarts the LFSR at truly random points in the sequence. Well I'm sure I didn't do justice to the crypto stuff, but its a start. If you want to know more general info read the cryptography-faq. It can be found in news groups sci.crypt, talk.politics.crypto, sci.answers, news.answers, talk.answers. Another good faq is pgp-faq found in news groups alt.security.pgp, alt.answers. Once you have read these faqs you will have to consult the authors of CS for more specific info on the various crypto features of CS and QPK. 8. Is it really secure?, You, decide! Well the public keys system used by Call Security, QPK ( Quick Public Keys) by Dave Colston has survived peer review. This is good. Charlie Merritt did the single private key stuff. I described this algorithm briefly (from a phone conversation) in question 7. Maybe this needs further public review? Also we don't have the source code so its hard to check for trap doors. I don't know what their motivation for a trap door is however. They want to make money off this thing. Plus all the normal stuff needs to be considered, like did some one put a bug (transmitter) in you sound card microphone, did they break in and steal the private key off your harddrive/ floppy drive, etc... Well you decide if you think call security is secure. I think it is but what do I know? Only time will tell how secure CS really is. 9. Is it safe to give them my public key when i upgrade from shareware (512 bit key) to the registered version (1024 bit key)?, Yes, its only the public key! Yes, the authors only want half of your public key. This public key is then used to create a file which enables receiving encrypted voice with your larger key. Note: Non-registered versions work just fine with registered users with large keys. 10. How do I set up my sound card? Well if you have an original mono 8 bit sound blaster you do nothing. If you don't have a classic sound blaster then you should put you sound card in sound blaster (8 bit mono) emulation. Please send me email njj@mc.com on how you set up your sound card to work with CS. I will add the info to this faq. 10.1 How do I set up my Gravis Ultrasound? Ultrasound cards have two sound blaster emulators. Only the SBOS emulator works with Call Security. Don't use MEGAEM. Before you run Call Security "SECURITY.EXE" Just exit windows & type SBOS at the DOS prompt. You should here the words SBOS installed on your sound card speakers, plus you will see confirmation of SBOS loading on your computer screen. If SBOS doesn't work consult your ultrasound documentation. Or read the gravis faq found on the news group comp.sys.ibm.pc.soundcard. Other sights for gravis sound card info include: FTP Sites Archive Directories --------- ------------------- Main N.American.Site: archive.orst.edu pub/packages/gravis wuarchive.wustl.edu systems/ibmpc/ultrasound Main Asian Site: nctuccca.edu.tw PC/ultrasound Main European Site: src.doc.ic.ac.uk /packages/ultrasound Main Australian Site: ftp.mpx.com.au /ultrasound/general /ultrasound/submit South African Site: ftp.sun.ac.za pub/packages/ultrasound Submissions: archive.epas.utoronto.ca pub/pc/ultrasound/submit Newly Validated Files: archive.epas.utoronto.ca pub/pc/ultrasound Mirrors: garbo.uwasa.fi mirror/ultrasound ftp.st.nepean.uws.edu.au pc/ultrasound ftp.luth.se pub/msdos/ultrasound Gopher Sites Menu directory ------------ -------------- Main Site: src.doc.ic.ac.uk packages/ultrasound WWW Pages --------- Main Site: http://www.cs.utah.edu/~debry/gus.html Main European Site: http://src.doc.ic.ac.uk/packages/ultrasound/ Main Australian Site: http://ftp.mpx.com.au/archive/ultrasound/general/ http://ftp.mpx.com.au/archive/ultrasound/submit/ http://ftp.mpx.com.au/gravis.html Mirrors: http://www.st.nepean.uws.edu.au/pub/pc/ultrasound/ 11. My modem is full duplex why isn't Call Security? The simple answer is sound blasters (and virtually every other sound card known to the program authors) are not full duplex. You can't sample digital sound at the same time you are playing digital sound! But if the authors, Dave & Charlie start making money off Call Security maybe they will be motivated to do a version with 2 sound cards, one for record the other for playback. 12. Are there any bugs in the program? Well one very minor bug is the wrong help file (security.doc) pops up when you request help in the terminal session of the program. What you really want to see is the svterm.doc file when trying to figure out how to send/receive voice messages. As I stated before print the documentation files svterm.doc, securty.doc, & readme.1st before running the program. Remember the Call Security is not windows compatible, so you can't have help in one window and call security in the other window! Another feature I find annoying is that public key exchange is not built in to the voice session. Okay maybe public key exchange is not something you want to do for every call (to prevent forgery) but at least make it a non-default menu pick! The best work around is to pull a copy of DSZ or GSZ off one of the shareware sights. This will allow Secure Voice to perform file exchange. Then use DSZ to exchange public keys prior to running a voice session. 13. Where do I get DSZ or GSZ for doing Zmodem transfers with Call Security? I haven't tried personally tried DSZ or GSZ yet. But here is one FTP sight (the SIMTEL primary mirror sight) I downloaded DSZ from while writing this faq: FTP Location: oak.oakland.edu: /pub/msdos/zmodem dsz-read.me A 516 890115 Explains what DSZ program is dsz0920.zip B 91253 940930 X/Y/Zmodem protocol file transfer pgm txzm241.zip B 42734 941005 Texas Zmodem: Fast/free Zmodem prot. driver gsz0920.zip B 112428 940930 X/Y/ZMODEM driver with graphic file xfer For more info on shareware sights read the news group comp.archives.msdos.announce. Other SIMTEL mirror sights include: St. Louis, MO: wuarchive.wustl.edu (128.252.135.4) /systems/ibmpc/msdos Corvallis, OR: archive.orst.edu (128.193.2.13) /pub/mirrors/simtel/msdos Australia: archie.au (139.130.4.6) /micros/pc/oak England: src.doc.ic.ac.uk (146.169.2.10) /pub/packages/simtel Finland: ftp.funet.fi (128.214.248.6) /pub/msdos/SimTel France: ftp.ibp.fr (132.227.60.2) /pub/pc/SimTel/msdos Germany: ftp.uni-paderborn.de (131.234.2.32) /SimTel/msdos Hong Kong: ftp.cs.cuhk.hk (137.189.4.57) /pub/simtel/msdos Israel: ftp.technion.ac.il (132.68.1.10) /pub/unsupported/dos/simtel Poland: ftp.cyf-kr.edu.pl (149.156.1.8) /pub/mirror/msdos South Africa: ftp.sun.ac.za (146.232.212.21) /pub/simtel/msdos Sweden: ftp.sunet.se (130.238.127.3) /pub/pc/mirror/SimTel/msdos Switzerland: ftp.switch.ch (130.59.1.40) /mirror/msdos Taiwan: NCTUCCCA.edu.tw (140.111.1.10) /PC/simtel Thailand: ftp.nectec.or.th (192.150.251.33) /pub/mirrors/SimTel/msdos %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% THERE IS A BODY ON THE INTERNET From Uncle Bob's Network News #103 There is a body on the Internet! At the annual meeting of the Radiological Society of America in Chicago on November 18, 1994, the National Library of Medicine unveiled its "Visible Man," a three-dimensional, computer-generated cybernetic body, which is now available on the Internet. "Visible Man" is an atlas of the human body, assembled digitally from thousands of x-ray, magnetic, and photographic images of cross sections of the body of Joseph Paul Jernigan, who was executed in Texas for murder, and who had willed his body to medical science. Using digitalized radiological data from the cadaver, researchers at the Heath Science Center of the University of Colorado, under a project funded by the NLM, compiled a virtual human body that can be viewed on a screen from any angle, dissected and reassembled by anatomy students, or used as a model to study the growth of cancer cells, for example. First, the real body was photographed with CT scans, magnetic resonance imaging, and conventional x-rays. Then it was embedded in gelatin, frozen, and sliced with a laser knife into more than 1,800 cardboard-thin cross-sections. One by one, the cross-sections were removed from the cadaver and digitally photographed. Thousands of pictures were entered into the computer. The main users are expected to be medical schools and researchers at large medical centers. There is no charge for the access but users must sign a licensing agreement with the NLM. The library has already heard from about 300 applicants, including brain surgeons, clothing designers, and traffic safety crash testers. According to NLM director Donald A. B. Lindburg, "People are awestruck by how detailed and good the images are." Don't expect to download "Visible Man" at home: the program is so complex it will require up to two weeks of Internet time to download and a capacity on the receiving computer of 15 gigabytes--or 15,000 megabytes. The project, costing $1.4 million, will continue next year with phase two: "Visible Woman." (compiled from news reports in The Richmond Times-Dispatch, The Washington Post, and The New York Times) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% ----------------- WINDOWS AND TCP/IP FOR INTERNET ACCESS By Harry M. Kriz (hmkriz@vt.edu) University Libraries Virginia Polytechnic Institute & State University Blacksburg, VA 24061-0434 http://learning.lib.vt.edu/authors/hmkriz.html In response to popular demand, I am publishing a new release of my paper on using Microsoft Windows to access Internet resources. Thanks to everyone who has e-mailed me and called me over the past year. I am delighted that the paper has been useful. I have been even more delighted to give permission for distributing copies at Internet workshops, and for copies to be posted on Internet servers. Perhaps this new release will find it's way into the hands of all those folks who are getting their first computers this Christmas. I hope this paper can play some small part in getting them over the rough spots. A plain text version of this complete document is available by anonymous ftp from: nebula.lib.vt.edu in directory /pub/windows/winsock under filename wtcpip06.asc A hypertext version is available at: http://learning.lib.vt.edu/wintcpip/wintcpip.html -------- ABSTRACT Internet, the global network of computer networks, is arousing enormous popular interest. In part this interest is being driven by the availability of free or inexpensive shareware software for Microsoft Windows. It is now technically simple for a personal computer to become a host on the Internet. The casual user can find, retrieve, and view information gathered from around the world without having to learn complicated computer commands. In this paper I describe the principal functions and services available via the Internet. Then I outline the technical background and terminology needed by the beginner who wants to make his PC a host on the Internet. Finally, I describe several Windows software packages and programs that facilitate using Internet services. All the software is freely available over the Internet. ------------------- PUBLICATION HISTORY The most recent plain text (ascii) version of this paper is always available by anonymous FTP from nebula.lib.vt.edu in directory /pub/windows/winsock under the name wtcpip**.asc. For example, this version is available as wtcpip06.asc. A hypertext version of this paper that is maintained on a more regular basis is available through the World Wide Web at: http://learning.lib.vt.edu/wintcpip/wintcpip.html The first version of this paper was released via Internet news and BITNET listserv on November 15, 1993. Revised and expanded versions were released on January 16, February 9, and March 21, 1994. A version was published by O'Reilly Associates in the March 14, 1994 issue of the "Global Network Navigator Toolkit," which was then accessible at: http://nearnet.gnn.com/GNN-ORA.html. Release 05 (June 21, 1994) was a major revision that was published by the Virginia Tech College of Engineering on the CD-ROM "1994-95 VT Engineering Tools." A print copy of Release 05 was also published by the Computing and Systems Technology Division of the American Institute of Chemical Engineers in "CAST Communications," Vol. 17, No. 2, pp. 6-14 (Summer 1994). ------------ INTRODUCTION Internet, the world-wide network of computer networks, has captured the imagination of the general public. Eighteen months ago, the Internet was barely mentioned in the popular computing magazines. Now it is the topic of articles in national news magazines, local newspapers, and grocery-store tabloids. Awareness of the Internet has spread primarily by word of mouth. Computer pundits were not discussing the Internet in Spring 1993 when I first began investigating the Internet in my work as a librarian. Indeed, most pundits seem to have acquired Internet access only in the Spring of 1994. Thus, computer magazines have not been helpful for those wishing to learn about the Internet. Now, in December 1994, there is something of a feeding frenzy of interest in the Internet. Bookstores are flooded with guides to the Internet. Software vendors are rushing to market with collections of software designed for navigating the resources on the Internet. It is almost as if the crest of the Internet wave has passed. Pundits who did not have access to the Internet last year are already writing negative opinions about the difficulties of navigating Internet resources, and about the uselessness of those resources. Complaints about the Internet are many. Certainly it can be difficult to find information and resources on the Internet. A great deal of information is unvalidated, non-authoritative, or otherwise questionable. Some resources should not be available to children. Some would argue that some of the information should not be distributed even to adults. It is important to remember that the Internet is not a service. Rather, it is a means of gaining access to services and of retrieving information and other objects that can be represented electronically. In considering complaints about the Internet, one might draw an analogy between the Internet and New York City. New York is big, complicated, and disorganized. The city's myriad resources can be hard to find. Some of what happens or what is available in New York should not be seen by children. For those wishing to navigate the complexity of New York, there are guidebooks, phone directories, magazine articles, and individuals with expert knowledge about areas of particular interest. One can navigate the complexity of the city by subway, taxi, and bus. One can even hire a private guide to conduct a tour of the city. The Internet can be compared to the streets of New York City. The services available on the Internet have their analogies in the city's libraries, department stores, bookshops, art galleries, street vendors, and street- corner zealots passing out literature or lecturing the passing crowds. It is safe to assume that somewhere on the streets of the city there will be found information and services of interest to almost anyone. However, finding that information might take some time for someone who is new to the city and its resources. Similarly, somewhere on the Internet there also will be found information and services of interest to almost anyone. Traveling on the Internet requires only a few basic tools. First is a computer with a network connection to the Internet. A direct connection using a PC equipped with a network interface card that interfaces with a local area network linked to the Internet is common at universities, and becoming more common in businesses. If a direct network connection is not available, an alternative is to connect to the Internet through the computer's serial port. This involves a telephone connection to a terminal server that offers SLIP (Serial Line Internet Protocol) or PPP (Point to Point Protocol) service. Any of these connections can be used with a variety of commercial or shareware software to make your personal computer a host on the Internet and to access services and information from the entire earth. This paper will emphasize the use of freeware and shareware versions of software running under Microsoft Windows. ----------------- INTERNET SERVICES The Internet services of interest to most people consist of four basic functions. These are electronic mail (e-mail), Internet news, file transfer between computers (FTP), and remote login to another computer (telnet). Access systems like Gopher and World Wide Web now supplement these basic Internet functions by assisting the user in searching for and retrieving relevant information in a user-friendly manner. Until recently, Internet functions were accessible primarily through character-based interfaces using a variety of complex command sets. Thus, until recently, best-selling books on the Internet contained page after page of screen displays or command sequences captured from UNIX-based systems executing basic Internet functions. Affordable Internet software for Windows first became available in Spring 1993. Prior to that time, Windows users were dependent for Internet access on expensive, proprietary, commercial products in which each vendor's offerings were mutually incompatible with every other vendor's offerings. Publication of the Winsock applications programming interface provided a way for individual client software (such as a telnet or FTP client) to be compatible with every vendor's networking products. As a result, beginning in 1993 there was a blossoming of freeware, shareware, and commercial Internet software for Windows. Of special interest has been the development of Windows interfaces to the World Wide Web. Mosaic is the best known Web browser. Other choices include Cello, Netscape, and WinWeb. The Web was developed by the high energy physics community to distribute technical papers and other forms of data. WWW is now widely viewed as a means for educators, businesses, and hobbyists to distribute multimedia information to a world-wide audience. Graphical WWW clients enable publication of data over the Internet in a manner which allows the user to view text, color graphics, sound, and video in a manner that approaches the usability, and surpasses the functionality, of a printed magazine. Those interested in publishing WWW documents may find it useful to read my paper "Teaching and Publishing in the World Wide Web." A plain text version is available by anonymous FTP from: nebula.lib.vt.edu in directory /pub/www under the name websrv01.asc. A hypertext version is available through the Web at http:/learning.lib.vt.edu/webserv/webserv.html. ****** E-MAIL Electronic mail is probably the most widely used Internet function. A commonly used configuration requires that a user have an account on a POP (Post Office Protocol) mail server. The e-mail client software accesses the server and downloads any incoming messages to the user's PC. Mail composed at the user's PC is transmitted to the Internet through the mail server. ************* INTERNET NEWS Internet news, also referred to as USENET news, is a conferencing system made up of thousands of topical conferences known as news groups. Those familiar with electronic bulletin board systems will compare Internet news to echo conferences. Others will draw an analogy to mailing lists such as listserv on BITNET. The user reads the news by using client software to subscribe to a selection of news groups. When the client software accesses an NNTP (Network News Transfer Protocol) server, the server downloads to the client a list of subjects for all unread messages stored on the server for the selected news group. The user can then select any message for reading, post a response to the message to the group, or reply directly to the original poster of the message. The client software maintains on the user's PC a list of all available groups on the server, along with records of which messages have been read or skipped over. Only the messages selected for reading are actually downloaded to the user's PC. *** FTP FTP (File Transfer Protocol) allows the transfer of files between any two computers of any type. Files can be transferred from PC to PC, PC to mainframe, PC to Mac, PC to UNIX machine, and vice versa. Any kind of computer file, whether it be a text file or a binary file representing software, graphics images, or sounds, can be transferred. Of course, whether the file is usable on the receiving machine depends on the nature of the file and the availability of software to make use of the file. ****** TELNET Telnet enables the user of a PC to login to a host computer at another site on the Internet. The user's PC then acts as a dumb terminal attached to the remote host. Such access usually requires that the user have an account on the remote host. For instance, a student or faculty member at one university might have an account on a computer located at another university. An increasing number of commercial services are becoming available via telnet, including services such as the Dow Jones News Service and the Lexis/Nexis service. In addition, some services are available without charge. For example, hundreds of libraries in all parts of the world allow free remote access to their computerized catalogs and to some specialized databases. ****** GOPHER Gopher is a system that enables the user to find files and other Internet services by navigating a system of text menus and submenus. As a corollary, it provides a means for information providers to publish information on the Internet in a discoverable manner. Prior to the development of Gopher at the University of Minnesota, information on the Internet was located by asking friends and strangers where to look. The first step in using a Gopher client is to "point" the client at the address of a known Gopher server. The client then retrieves that Gopher's menu of topics. Typically, many of the topics on a Gopher menu are pointers to yet other menu items on other Gopher servers. The fact that items in the sequence of selections might come from different Gopher servers in widely scattered parts of the world is transparent to the user. The Gopher client software presents the many different Gopher servers as if they represented a single application on a single machine. Navigating such menus can lead the user to skip from one Gopher server to another, literally retrieving information from servers scattered around the world in just a few minutes. Items on Gopher menus can be of many different data types in addition to menus listing choices of topics. When an item such as a text, graphics, or sound file is selected, the Gopher client transfers the file to the user's PC. Then, as an option, it may load the file into an appropriate "viewer" selected by the user. A simple text file could be loaded into Windows Notepad. A graphics file in GIF or JPEG format might be loaded into LVIEW, a popular freeware graphics viewer for Windows. A binary program file would simply be downloaded into a designated directory for use at some other time. Finding relevant Gopher menu items is facilitated through the use of Veronica, which is a database of the text of Gopher menus. Most Gopher servers will include Veronica access as a menu selection. ************** WORLD WIDE WEB World Wide Web (WWW) is a system that enables users to find and retrieve information by navigating a system of hypertext documents. In a hypertext document, selecting a highlighted word or phrase causes a new document to be retrieved and displayed. Thus, WWW leads the user to skip from one document to another, retrieving information from servers scattered around the world. Viewing a WWW document with a Windows graphical client such as Cello, Mosaic, Netscape, or WinWeb is similar to reading a magazine. Information is displayed with typographic fonts and color graphics. Unlike a magazine, the static display can be supplemented by sound and video clips that are played by clicking an icon embedded in the document. Clicking on a highlighted word or phrase in the document may cause the reader to skip to another part of the displayed document, or it may cause yet another document to be retrieved. ----------------- TECHNICAL DETAILS It is helpful to know some Internet terminology when working with your local network specialist or Internet service provider to make your PC a host on the Internet. The two common modes of Internet access are through a direct network connection or through a serial connection to a SLIP or PPP server. A direct network connection involves installing a network interface card (NIC) in your PC. Most likely this will be an ethernet card. This card in turn is connected to your organization's local area network. Wiring usually consists of coaxial cable (as in thin-wire ethernet) or twisted pair telephone wiring (as in 10Base-T ethernet). The local network in turn must be connected to the Internet, and it must be capable of handling TCP/IP data packets. TCP/IP (Transmission Control Protocol/Internet Protocol) is the method by which data on the Internet is divided into packets of bytes. Each packet is delimited with header information that includes the destination address where the packet is to be routed when it is transmitted over the Internet. The local network and your PC may also be using other network protocols simultaneously with TCP/IP. For instance, your PC may already be connected to a network using Novell, LANtastic, or Windows for Workgroups network protocols. *************** SOFTWARE LAYERS Several layers of software are involved in implementing a direct network connection. A commonly used method is to first install a piece of software called a packet driver that deals directly with the network interface card. This is loaded under DOS from the AUTOEXEC.BAT file as a TSR (terminate and stay resident) program. A packet driver should be included with the software that comes with the card. If the manufacturer of the card does not supply a packet driver, free packet drivers are available in the Crynwr Packet Driver Collection as described at the end of this document. The next layer of software is the TCP/IP driver, which can be implemented in a variety of ways. Until recently, this was often another DOS TSR program loaded from the AUTOEXEC.BAT file. Increasingly this layer of software is implemented as a Windows dynamic link library (DLL) or virtual device driver (VxD). The DLL and VxD implementations do not require any modification of the boot files on the PC. The TCP/IP driver that implements TCP/IP functionality for the system is referred to as the TCP/IP protocol stack. The driver may be written to work with a specific network card, or it may be written to interface with a packet driver. In the latter case, a single TCP/IP driver can be used with any network card for which an associated packet driver is available. Thus, the packet driver specification eliminates the need for software vendors to customize their TCP/IP protocol stack for every network card with which it is used. When using a packet driver with Windows applications, another DOS TSR referred to as a virtual packet driver may be required to interface between the Windows-based TCP/IP protocol stack and the DOS-based packet driver. When a direct network connection is not available, Internet TCP/IP software can be used over serial lines to connect to a SLIP (Serial Line Internet Protocol) or PPP (Point to Point Protocol) server that provides a connection to the Internet. SLIP and PPP do not require the software drivers that are necessary with a direct network connection. The Trumpet Winsock shareware package to be described later has all SLIP and PPP functions included in the TCP/IP driver, which is configured through a Windows dialog box. SLIP and PPP are less transparent to the user than a direct network connection. The user first obtains an account on a SLIP or PPP server. Connecting to the Internet involves dialing the server using normal serial communications software and establishing a SLIP or PPP session. Once the session is established, TCP/IP software running on the PC can be used just as if the PC was connected directly to the Internet through a network card. SLIP and PPP users are well advised to settle for nothing less than transmission at 14,400 bits per second. World Wide Web especially transmits a great deal of data when images or sound are involved. Slow modems and slow connections will discourage anyone but the most dedicated user from exploring the possibilities of the Internet. TCP/IP client applications work at the top of the layers of software so far described. Client software runs independently of the type of connection to the Internet. TCP/IP applications frequently are referred to as clients because they access a corresponding server (a daemon in UNIX terminology) on another machine. An FTP client, for instance, is the application on the user's machine that accesses the FTP server running on a host computer located elsewhere on the Internet. Until recently, each TCP/IP client had to be written to interface with a particular vendor's TCP/IP protocol stack. Clients that worked with one vendor's TCP/IP driver would not work with a driver from another vendor. This restriction was eliminated with the development of the Windows Sockets Application Programming Interface, otherwise known as the Winsock API, or more simply Winsock. Winsock works in the layer between the TCP/IP client and the TCP/IP protocol stack.----------------- ------- WINSOCK "Winsock" is the buzzword that dominates discussion about TCP/IPand Windows. All of the software to be described here is based on Winsock. The implementation of Winsock is transparent to the user, but it is helpful for the end-user to know how it supports Windows applications. Winsock (short for Windows sockets) is a technical specification that defines a standard interface between a Windows TCP/IP client application (such as an FTP client or a Gopher client) and the underlying TCP/IP protocol stack. The nomenclature is based on the Sockets applications programming interface model used in Berkeley UNIX for communications between programs. When you launch a Winsock compliant client like WSGopher, it calls procedures from the WINSOCK.DLL dynamic link library. These procedures in turn invoke procedures in the drivers supplied with the TCP/IP protocol stack. As described earlier, the TCP/IP driver communicates with the computer's ethernet card through the packet driver. The WINSOCK.DLL file is not a generic file that can be used on any system. Each vendor of a TCP/IP protocol stack supplies a proprietary WINSOCK.DLL that works only with that vendor's TCP/IP stack. The advantage of Winsock to the developer of a client is that the application will work with any vendor's Winsock implementation. Thus, the developer of an application such as a Gopher client has to understand the Winsock interface, but he does not have to know the details of each vendor's TCP/IP protocol stack in order to make his client application compatible with that stack. Winsock also eliminates the need for an application developer to include a custom TCP/IP protocol stack within the application program itself. This was a common means of implementing TCP/IP clients under DOS, and some early Windows TCP/IP clients also used this method. The use of protocol stacks internal to the client results in conflicts when two clients try to access the single packet driver that is communicating with the network card. The ability to create applications compatible with any vendor's Winsock compliant protocol stack resulted in a blossoming of Winsock compliant shareware applications beginning in Summer 1993. The Winsock standard also offers advantages to the end-user. One advantage is that several Winsock applications from different vendors can be used simultaneously. This is a marked improvement over earlier packet driver applications in which each application contained a built-in TCP/IP stack. Such applications cannot share the packet driver except through the added complexity of a packet multiplexer such as PKTMUX. A second advantage to the user is that any Winsock compliant application will run with any vendor's TCP/IP protocol stack and accompanying WINSOCK.DLL. Unfortunately, some commercial vendors of TCP/IP clients are not yet taking advantage of Winsock capabilities. There are still TCP/IP clients that require dedicated access to the packet driver, and there are clients that will run only with the TCP/IP protocol stack supplied by one particular vendor. Fortunately, the trend is for all commercial vendors to make their applications more usable and portable through the use of the Winsock standard. --------------------- SOFTWARE DESCRIPTIONS Once the required networking hardware is installed and an IP address is assigned, or once an account is obtained on a SLIP or PPP server, the user needs to install a TCP/IP protocol stack and a selection of TCP/IP clients. The remainder of this paper describes such software. For each application, I briefly outline the installation procedures. I do this primarily to illustrate the simplicity of using Windows for Internet access. Please be sure to read any text files included with each package in order to complete the configuration and to learn about all functions of the software. I have installed all the software described here for many of my colleagues in the Virginia Tech Libraries. With some practice I have found that I can install a complete suite of TCP/IP applications in about half an hour. Some individuals who read the previous versions of this document were up and running in less than an hour after obtaining the software. They expressed their delight at the ease of networking with Windows. ********************************** DISCLAIMERS AND LIMITED WARRANTIES I am not an expert on anything. I am just an enthusiastic end-user of these products in my daily work. I have used all of the client software with a direct connection to an ethernet network using a Western Digital or SMC ethernet card with the Trumpet Winsock shareware TCP/IP protocol stack and WINSOCK.DLL. In addition, I have used most of the clients with FTP Software's commercial package PC/TCP version 2.2. In the latter case I obtained the most recent version of FTP Software's WINSOCK.DLL file by anonymous FTP from ftp.ftp.com in directory /support/ftpsoft/winsock under the name winsock.exe (a self-extracting ZIP file)(November 16, 1994 | 46,375 bytes). The Trumpet and FTP products both use a packet driver interface to the network card. I have also used most of the clients on a Windows for Workgroups network using Microsoft's add-on TCP/IP package. This package is available by anonymous FTP from ftp.microsoft.com in the directory /peropsys/windows/public/tcpip under the filename WFWT32.EXE (November 29, 1994 | 680,621 bytes), a self-extracting archive file. I also have used most of the client software through a SLIP server using the Trumpet Winsock. Both a dialup connection to the SLIP server and a modemless connection through an IBM/ROLM digital switch were used at various times. I have no experience with PPP connections. As discussed above, the client software described here should run with any TCP/IP protocol stack that offers Winsock support. If your PC is already using a network operating system that does not include Winsock support, you should check with your vendor to find out if Winsock support is available. If Winsock support is not available from your vendor, then it may be possible to install the Trumpet Winsock TCP/IP protocol stack over your existing network drivers using a small program known as a packet driver shim. Instructions for this configuration are included in the Trumpet Winsock documentation. In the following descriptions, information about version numbers, file sizes, and dates was verified on December 20, 1994. *************** TRUMPET WINSOCK (TCP/IP protocol stack and basic clients, ) (including telnet, ping, and Archie ) Comment: You need this package (or some other TCP/IP protocol stack that supports Winsock) before you can use any of the client software described later. Trumpet Winsock does not require any additional network software. Its TCP/IP functions can be installed over other network software such as Novell or Windows for Workgroups using a packet driver shim. Instructions for such installations are included in the ZIP file. Author: Peter Tattam, Trumpet Software International Fee: $25 shareware fee. Version: 2.0 Revision B File name: twsk20b.zip (November 3, 1994 | 179,015 bytes) (includes the TCP/IP protocol stack) winapps2.zip (November 29, 1994 | 162,023 bytes) (includes basic clients) Available by anonymous FTP from: ftp.trumpet.com.au in directory /ftp/pub/winsock or by Gopher from gopher.trumpet.com.au under menu item winsock. The Australian hosts can be slow. An alternative gopher site is biochemistry.bioc.cwru.edu under the menu item CWRU Biochemistry FTP Archive/trumpwsk. You can also FTP to this address and access the directory /gopher/pub/trumpwsk. However, only one anonymous FTP user is permitted weekdays during normal working hours from 9:00 AM to 5:00 PM local time. Note that this site may not contain the latest version of the files. For example, at this writing it did not contain the most recent winapps2.zip file. Installation: 1.) Create directory C:\TRUMPWSK and unzip TWSK20B.ZIP and WINAPPS2.ZIP into this directory. 2.) Install software drivers. Ethernet network: a.) Install packet driver for your ethernet card. The entry in my AUTOEXEC.BAT file is: C:\ETHERNET\8003PKDR.EXE /B:240 /R:D000 /I:10 /E:61 b.) Install WINPKT.COM virtual packet driver included in TWSK20B.ZIP. The entry in my AUTOEXEC.BAT file is: C:\TRUMPWSK\WINPKT.COM 0x61 SLIP or PPP: No special drivers are needed because SLIP and PPP support are built into the Trumpet Winsock TCPMAN.EXE program. 3.) In Program Manager, create a program group named Network. Use File Manager to drag and drop the EXE files in C:\TRUMPWSK into the Network program group. 4.) Edit the PATH statement in AUTOEXEC.BAT to include C:\TRUMPWSK. This enables Winsock applications to find WINSOCK.DLL when they are launched. 5.) Reboot the computer and start Windows. 6.) Launch TCPMAN from the Network program group. Select Setup on the menu bar. Enter your IP address, gateway address, and nameserver address as assigned by your local network administrator. (Some SLIP and PPP servers, as well as some direct network connections, do not use permanent IP addresses. Instead, the server assigns a temporary IP address at the start of each session. If the server provides a bootp service, then enter the text "bootp" (without the quotes) in place of the IP address. On some servers it may be necessary to enter the dummy IP address 0.0.0.0. Some servers report the assigned IP address during session startup, requiring the user to manually enter the assigned address in the Setup dialog box before proceeding into SLIP mode.) If you are using ethernet, enter the software interrupt used by the packet driver. If you are using SLIP or PPP, check the appropriate box and enter the appropriate COM port number in the SLIP port box. Exit from TCPMAN. The file TRUMPWSK.INI will be created in the C:\TRUMPWSK directory. 7.) Launch any Winsock compliant application. TCPMAN.EXE will start automatically if it is not already running. (If you are using SLIP or PPP, you must first connect to the server and start a session. This can be done with the dialing function in TCPMAN.) Several clients are included with the Trumpet Winsock, including TRMPTEL.EXE version 0.07 for telnet, WINARCH.EXE for searching Archie databases, and PINGW.EXE to ping another machine on the network. PINGW provides the simplest means of verifying that you have a network connection. Launch PINGW and enter the name of an Internet host at the prompt. For example, you might try to PING ftp.trumpet.com.au. If your connection is working, and if the host is operating, you will receive a response from the remote host. Note: The WINSOCK.DLL file for the Trumpet Winsock remains in the C:\TRUMPWSK directory. Some vendors may require that their WINSOCK.DLL be copied to the C:\WINDOWS directory. If you have used Winsock software from another vendor, but now want to try the Trumpet Winsock, be sure to remove the other vendor's WINSOCK.DLL so that it will not interfere with the Trumpet Winsock implementation. Tip: The WINARCH client for Archie searching that is supplied in WINAPPS2.ZIP defaults to searching the Archie server at archie.au. You can access a different Archie server by using a command line argument. For instance, to use the Archie server run by AT&T, use the command line winarch.exe -archie=ds.internic.net. SLIP or PPP usage: Trumpet Winsock includes a simple dialing function. You can connect to your server by manually issuing the dialing commands. You can also write a script that will dial and start your session automatically. PITFALL: After dialing with TCPMAN.EXE and establishing the SLIP or PPP session, you must press the key to escape from dialing mode and to re-enable the TCP/IP mode in TCPMAN.EXE. You may want to dial your server automatically without writing a custom dialing script for TCPMAN.EXE. A utility named DIALER can be set up to automatically issue the commands and passwords needed to start a session on your server. DIALER version 2.0A is available by anonymous FTP from: ftp.demon.co.uk /pub/ibmpc/windows/utilities/dialexe.zip (May 27, 1994 | 31,072 bytes) ******* WSGOPHER (Gopher client) Comment: A fast client with a useful system for saving bookmarks in a subject classified arrangement and a good help system. Author: Dave Brooks License: Free Version: 1.2 File name: wsg-12.exe (December 13, 1994 | 367,860 bytes) Available by anonymous FTP from: dewey.tis.inel.gov in directory /pub/wsgopher Installation: 1.) Create the directory C:\WSGOPHER and copy the file WSG-12.EXE to this directory. This file is a self- extracting ZIP file. 2.) Execute WSG-12.EXE. The files will be extracted to the directory. 3.) Create a new program item in the Network program group for the program C:\WSGOPHER\WSGOPHER.EXE. 4.) Launch WSGopher and read the Help file. 5.) Select the Configuration menu and set the various parameters and options as desired. The WSGOPHER.INI file and bookmark files are kept in the C:\WSGOPHER directory. ******************* TRUMPET FOR WINDOWS (Internet news reader and POP mail client) Comment: To read Internet news, you need access to an NNTP(Network News Transfer Protocol) server. To use the mail functions, you need an account on a POP (Post Office Protocol) mail server. (I have not tested the mail functions in this application because I prefer to use PC Eudora for mail.) Author: Peter Tattam, Trumpet Software International Fee: $40.00 shareware fee. TSI has extended the free trial period until the final release of version 1.0B, which is in beta testing at this time. Version: 1.0 Revision A File name: wtwsk10a.zip (August 28, 1993 | 167,601 bytes) Available by anonymous FTP from: ftp.trumpet.com.au in directory /ftp/pub/wintrump or by Gopher from gopher.trumpet.com.au under menu item wintrump. Installation: 1.) Create the directory C:\WINTRUMP and unzip WTWSK10A.ZIP into this directory. 2.) Create a new program item in the Network program group for the program C:\WINTRUMP\WT_WSK.EXE. 3.) Launch the program. 4.) Supply the address and other information in the dialog boxes for the menu selections File Setup and File Network Setup. NEWS.PRM and other configuration files will be created and stored in C:\WINTRUMP. PITFALL: The list of available news groups on your news server is stored by Trumpet in the file NEWS.GRP. At times, Trumpet fails to fully update this file as new groups become available from the news server. You can force Trumpet to create a new and complete list of available groups by erasing NEWS.GRP before starting Trumpet. ****************** EUDORA FOR WINDOWS (full featured mail client) Comment: You will need an account on a POP mail server to send and receive mail at your PC. QUALCOMM sells a commercial version of Eudora for both Windows and the Macintosh. Author: Jeff Beckley, Jeff Gehlhaar, and Mark Erikson, QUALCOMM, Inc. License: Shareware version is free. The author, Jeff Beckley, requests that you send him a postcard at QUALCOMM, Inc., 6455 Lusk Blvd., San Diego, CA 92121-2779 USA if you find the program useful. Information about the commercial version is available through QUALCOMM's QUEST group World Wide Web page at http://www.qualcomm.com/quest/QuestMain.html or from QUALCOMM's FTP server at ftp.qualcomm.com in directory /quest/eudora/windows. Questions about Eudora can be sent by e-mail to eudora-sales@qualcomm.com Version: Shareware: 1.4.4 File name: eudor144.exe (December 7, 1994 | 292,942 bytes) (self extracting archive file) Available by anonymous FTP from: ftp.qualcomm.com in directory /quest/windows/eudora/1.4 Installation: 1.) Copy the file EUDOR144.EXE to the directory C:\EUDORA. 2.) Execute EUDOR144.EXE to unarchive the program files. 3.) Create a new program item in the Network program group for the program C:\EUDORA\WEUDORA.EXE. 4.) Launch the program. 5.) Select Special Configuration from the menu bar and supply the required information. 6.) Select Special Switches and set characteristics as desired. 7.) Create mailboxes and nicknames to taste. 8.) The file EUDORA.INI and other configuration files will be created in the C:\EDUORA directory. ******* WS_FTP (FTP client) WS_PING (ping client) Author: John Junod License: Free to individuals for any non-commercial use and for any U. S. Government Organization. Others should contact Ipswitch, Inc., 669 Main Street, Wakefield, MA, 01880, (617)246-1150, info@ipswitch.com. Version: 94.10.18 (WS_FTP) 94.10.20 (WS_PING) File names: ws_ftp.zip (October 20, 1994 | 113,252 bytes) ws_ping.zip (October 21, 1994 | 60,496 bytes) Available by anonymous FTP from: ftp.usma.edu in directory /pub/msdos/winsock.files Installation: 1.) Create the directory C:\WS_. 2.) Unzip WS_FTP.ZIP into this directory. 3.) Unzip the file WS_PING.EXE from its ZIP file into this directory also. (Full source code for WS_PING is included in the ZIP file with the name WSPI_SRC.ZIP. Source code for the current version of WS_FTP is not distributed. However, source code for the 93-12-05 version of WS_FTP can be downloaded from directory /pub/msdos/winsock.files under the name ws_ftp_s.zip.) 4.) Create new program items in the Network program group for the programs C:\WS_\WS_FTP.EXE and C:\WS_\WS_PING.EXE. 5.) Launch the programs. 6.) The WS_FTP.INI file remains in the C:\WS_ directory. A file named WINSOCK.INI is created by WS_PING in the C:\WINDOWS directory. ***** CELLO (World Wide Web browser) Comment: Despite its age, Cello version 1.01a performs well. It continues to be more stable than Mosaic, and it is the best client for printing. It includes a useful Help system. Configuration is done from within the application, not by directly editing the CELLO.INI file. Unfortunately, Cello does not understand forms. Users of Diamond Stealth video cards report problems with the mouse cursor, which virtually disappears while the mouse is moving. The listserv CELLO-L is busy with messages about CELLO development and about shareware for creating HTML documents for use on Web servers. Instructions for subscribing to CELLO-L are included in the Cello Help file. Version 2.0 is now in the hands of alpha testers. Author: Thomas R. Bruce License: Free Version: 1.01a File name: cello.zip (March 17, 1994 | 328,429 bytes) Available by anonymous FTP from: ftp.law.cornell.edu in directory /pub/LII/Cello Installation: 1.) Create the directory C:\CELLO and unzip CELLO.ZIP into this directory. 2.) Create a new program item in the Network program group for the program C:\CELLO\CELLO.EXE. 3.) Launch the program. *********** NCSA MOSAIC for Microsoft Windows (World Wide Web browser) Comment: Users should note the alpha version designation and use caution about saving work in any other running applications before launching Mosaic. As in previous versions over the past year, simply launching and then exiting from Mosaic permanently reduces by some 3 percentage points the Windows user.exe resources on my machine. Launching Mosaic and exiting several times can lead to conditions that require you to restart Windows. However, Mosaic's previous problem of overwriting text when displaying large files seems to be fixed in this version. Mosaic is a 32-bit application that will run under Windows NT, Microsoft's advanced workstation operating system. Most users will be using Windows 3.1 or Windows for Workgroups, which are 16-bit applications. To use Mosaic with these systems, you must first install Win32s version 1.20 with OLE or later. This addition to the Windows operating system enables current versions of Windows to run 32-bit code that is not Windows NT specific. NCSA recommends a 33MHz 486 with 8MB of RAM for running this version. Authors: NCSA (National Center for SuperComputing Applications) License: Free Version: 2.0.0a8 File name: mos20a8.exe (December 20, 1994 | 955,546 bytes) w32sole.exe (December 20, 1994 | 2,240,650 bytes) Available by anonymous FTP from: ftp.ncsa.uiuc.edu in directory /Web/Mosaic/Windows Installation: 1.) Copy W32SOLE.EXE to a temporary directory and execute the program. This will extract the two component files INSTALL.BAT and WIN32DSK.EXE. The latter is another self extracting archive file. 2.) Execute INSTALL.BAT. (This batch file issues the command WIN32DSK.EXE -d to extract the component files into the subdirectories DISK1, DISK2, and DISK3. These subdirectories will be created below the temporary directory containing INSTALL.BAT.) 3.) Change to the DISK1 subdirectory and execute SETUP.EXE. This will install Win32s version 1.20 with OLE. Many of the files will be installed in the directory C:\WINDOWS\SYSTEM\WIN32S. If you have an older version of WIN32S already installed, it will be removed. You should allow installation of the game FreeCell in order to test that Win32s is properly installed on your machine. Once this is verified, you can erase the files and directories in the temporary installation directory. 4.) Copy MOS20A8.EXE to the temporary installation directory. Remember to erase any files and subdirectories left in the temporary directory from the installation of Win32s. 5.) Execute MOS20A8.EXE to extract the component files, including SETUP.EXE. 6.) Execute SETUP.EXE to install Mosaic version 2.0 alpha 8 in the directory of your choice. MOSAIC.INI will be copied to the C:\WINDOWS directory. 7.) Launch the program. Read the files README.WRI and RELNOTES.HTM to learn how to fully configure Mosaic to your needs. 8.) When installation is complete, you can remove the temporary installation directory. NOTE: You can avoid the added complexity of installing Win32s and the substantial demands it places on your PC by using the older Mosaic version 2.0 alpha 2 (June 27, 1994 | 243,749 bytes). ******** NETSCAPE (World Wide Web browser) Comment: Netscape Navigator is generating enormous interest at this writing as the logical successor to Mosaic. FTP sites designated as sources for Netscape frequently are inaccessible. Author: Netscape Communications Corporation License: Free for academic or not-for-profit use. Others, including government users, should contact Netscape Communications Corporation. Version: 1.0N File name: ns16-100.exe (December 17, 1994 | 706,929 bytes) Available by anonymous FTP from: ftp.mcom.com in directory /netscape/windows or ftp2.mcom.com in directory /netscape/windows. Frequently it is impossible to connect by anonymous FTP to servers distributing Netscape. The best mode of access is to use a World Wide Web browser and load the URL http://home.mcom.com/info/how-to-get-it.html. Installation: 1.) Copy the file NW16-100.EXE to a temporary directory and run it. This will extract the component files, including SETUP.EXE. 2.) Run the program SETUP.EXE by selecting the file in File Manager or by using the menu selection File Run in Program Manager. SETUP will install Netscape in a directory of your choice, and it will create a program icon in the group you designate. 3.) Launch the program. Configure Options and Preferences to taste. The file NETSCAPE.INI is kept in the Netscape program directory. ****** WINWEB (World Wide Web browser) Comment: A fast and easy browser from EINet. Author: MCC-EINet (Microelectronics and Computer Technology Corporation) License: Free Version: 1.0 Alpha 2.2 File name: winweb.zip (December 19, 1994 | 598,873 bytes) Available by anonymous FTP from: ftp.einet.net in directory /einet/pc Installation: 1.) Create the directory C:\WINWEB and unzip WINWEB.ZIP into this directory. 2.) Move the included file VBRUN300.DLL to the windows system directory, usually C:\WINDOWS\SYSTEM. (This file is a runtime library for Microsoft Visual Basic. If you already have a copy installed from some other application, you can simply delete it from the \WINWEB directory. 2.) Create a new program item in the Network program group for the program C:\WINWEB\WINWEB.EXE. 3.) Launch the program and configure to taste. The file WINWEB.INI will be created in the C:\WINDOWS directory. ***** WFTPD (FTP server) Comment: I had not imagined I would want or need to use my PC as an FTP server. However, I have found this product useful on a couple of occasions to transfer files from an IBM mainframe to my PC. This is far easier than trying to FTP to the mainframe from my PC. Note that WinQVT/Net, which is described later, has an FTP server function also. However, the server in WinQVT/Net would not work when I tried to use Fetch on my PowerMac to retrieve a file from my Windows machine. WFTPD had no problems serving files to Fetch. Author: Alun Jones License: $15.00. The unregistered shareware version displays a message to anyone accessing the server that the owner is unable or unwilling to pay the shareware fee. The shareware version is limited to five file transfers per session. Version: 1.95 File name: wftpd195.zip (October 20, 1994 | 147,612 bytes) Available by anonymous FTP from: ftp.cica.indiana.edu in /pub/pc/win3/winsock or by gopher from: ftp.cica.indiana.edu under menu item PC and CICA Windows Files/ CICA Windows Files/Winsock Compliant Apps Installation: 1.) Create the directory C:\WFTPD and unzip WFTPD195.ZIP into this directory. 2.) Create a new program item in the Network program group for the program C:\WFTPD\WFTPD.EXE. 3.) Launch the program. 4.) Complete the information in the Security dialog box to establish security control using access passwords and restricted home directories for those you authorize to access your PC. The file WFTPD.INI will be created in the C:\WINDOWS directory. ------ TELNET The glaring deficiency in the Winsock pantheon of Internet clients is the absence of a good stand-alone telnet client. Here is a brief description of some alternatives I have tried. ********** WinQVT/Net Comment: WinQVT/Net is an integrated package that includes telnet, FTP, FTP server, mail, and news reader functions. These separate client and server functions are normally launched from a console window. The telnet client is probably the best shareware Winsock telnet client available. You can select terminal emulations and customize the keyboard. The resizable telnet window includes scrollback and session logging. A deficiency is that telnet cannot be launched independently of the console window. However, if WinQVT/Net is already running, then an instance of the telnet client can be launched from another application by invoking the TNSTART.EXE program that comes with WinQVT/Net. This makes it possible to use this telnet client as the telnet viewer or helper with Gopher or World wide Web clients. Author: QPC Software License: Shareware registration is $40 ($20 for students). There has been discussion in alt.winsock and other news groups about the difficulty of getting any response to e-mail and fax messages from the author of WinQVT/Net. Paying the license fee may be difficult as a result. Version: 3.98 File name: qvtws398.zip (December 16, 1994 | 390,960 bytes) Available by anonymous FTP from: biochemistry.bioc.cwru.edu in directory /gopher/pub/qvtnet or by Gopher from biochemistry.cwru.edu under the menu selection CWRU Biochemistry FTP Archive/qvtnet. Gopher access is preferable as only one anonymous user is permitted weekdays during normal working hours from 9:00 AM to 5:00 PM local time. ************** TRUMPET TELNET Comment: This simple client is my favorite for use as a telnet viewer or helper with Gopher or World Wide Web clients. Unfortunately, it lacks sophisticated features needed by heavy users of telnet. Author: Peter Tattam License: Free beta version Version: 0.07 File name: trmptel.exe (October 13, 1994 | 71,168 bytes) This file is included in the WINAPPS2.ZIP file distributed as part of the Trumpet Winsock package. **** EWAN Comment: EWAN (Emulator Without a Good Name) is a more complete Winsock telnet client than Trumpet Telnet. It allows printing the screen, printing the scrollback buffer, and logging a session to a file. It can be used as a telnet viewer with Gopher or World Wide Web clients. Author: Peter Zander License: Free Version: 1.04 File name: ewan104.zip (November 23, 1994 | 221,051 bytes) Available by anonymous FTP from: ftp.lysator.liu.se in directory /pub/msdos/windows ******* QWS3270 Comment: Telnet clients usually emulate a VT100 terminal or one of its variations, the standard for connecting to a UNIX host. However, telneting to an IBM mainframe requires emulation of an IBM 3270 terminal. QWS3270 provides this functionality. I was especially pleased with the easily-configured, four-color capability that makes it easier to distinguish protected, unprotected, and highlighted text on a VM screen. Author: Jim Rymerson License: Free Version: 3.2e File name: qws3270.zip (November 14, 1994 | 73,365 bytes) Available by anonymous FTP from: ftp.ccs.queensu.ca in directory /pub/msdos/tcpip ------------------------------------- OTHER SOURCES FOR WINSOCK INFORMATION It remains true that the best guide to the Internet is the Internet itself. The best software for navigating the Internet is freely available on the Internet. Considerable information about the Winsock API, along with some application programs, is available by anonymous FTP at sunsite.unc.edu in directory /pub/micro/pc-stuff/ms-windows/winsock. The anonymous FTP sites that I list throughout this paper as sources for programs are the sites designated by the software authors as their home sites. These sites will always have the latest version of the software. In addition, copies of the software may usually be obtained by anonymous FTP from CICA (Center for Innovative Computer Applications) at ftp.cica.indiana.edu in directory /pub/pc/win3/winsock. Files are also available from this same address using a Gopher client. Gopher access is preferable because the CICA FTP server is the main Internet site for Windows applications. It is usually busy, and you may have difficulty establishing an FTP connection. It is the case that the collection at CICA will NOT always contain the latest version of software, even if a newer version has been uploaded to CICA by the author. CICA does not allow anonymous users to view or download program files from the uploads directory, where the newest version might still be in the holding pattern. Also, the versions at CICA may not have the same file dates as those at the home sites. There is a listserv that provides a daily listing of new uploads to CICA. Included in the mailing are the content of any text files accompanying those uploads and a list of files that have been moved from the uploads directory to the public directories so as to be available for downloading. You can subscribe to CICA-L by sending e-mail with no subject and the message sub CICA-L Your Name to listserv@ubvm.cc.buffalo.edu. There are several other Internet sites that provide mirror copies of the Windows collection at CICA. These are listed in the message displayed if you are denied access to CICA. The list of mirror sites also is included in the file README in CICA's directory /pub/pc/win3. These mirrors can be just as busy as CICA. As an example, the mirror at polecat.law.indiana.edu was recently removed due to overload on the server. When using CICA, it is helpful to download the file INDEX (ascii, about 285,000 bytes) or INDEX.ZIP (about 122,000 bytes) from the directory /pub/pc/win3. INDEX contains one-line descriptions of each file in the collection. The news groups alt.winsock, and comp.protocols.tcp-ip.ibmpc carry discussions of the Winsock specification and Winsock compliant applications, as do the groups in the comp.os.ms-windows.networking hierarchy. Trumpet Winsock and related clients are discussed in several news groups in the trumpet hierarchy. Information about specific clients may be found in groups devoted to that class of client. For instance, WSGopher is discussed in alt.gopher and in comp.infosystems.gopher. Cello, Mosaic, Netscape, and WinWeb are discussed in the sections of the comp.infosystems.www hierarchy. The BITNET listserv WIN3-L@UICVM carries discussions about all topics relating to Windows, including Winsock applications. Some news servers carry this listserv under the news group name bit.listserv.win3-l. A comprehensive list of FTP'able Winsock applications is available from Larsen Consulting and Sales, Phoenix, Arizona, USA. To get a copy of the list, send an e-mail message to info@lcs.com with the Subject: FAQ. Nothing else should be in the message. The list is also available on the World Wide Web at http://www.lcs.com/. Frequently Asked Questions about TCP/IP on PC-compatible computers are answered in a FAQ written by Bernard D. Adoba. The text is posted monthly on the news group comp.protocols.tcp-ip.ibmpc. A copy of the newsgroup posting is available as three separate files from rtfm.mit.edu in the directory /pub/usenet-by-hierarchy/comp/protocols/tcp-ip/ibmpc. The complete text of the files dated November 3, 1994 contains over 214,000 bytes. The filenames are decidedly non-DOS, so you will want to assign filenames if you download from this source. The FAQ is also available as a single ZIP file named ibmtcp.zip (79,454 bytes | October 29, 1994) from ftp.netcom.com in the directory /pub/mailcom/IBMTCP. Each of these sites can be troublesome. They frequently are busy or unresponsive to commands. Finally, the FAQ, and other publications about Internet software for the PC, can be accessed on the World Wide Web page maintained by Bernard Adoba. The page entitled "Internaut: The PC-Internet Connection Update Page" is located at http://www.zilker.net/users/internaut/update.html. The Crynwr packet drivers collection is available by anonymous FTP in the well-known Simtel20 collection, as well as through a variety of other methods. The primary publicly available site for Simtel20 files is at oak.oakland.edu. The packet drivers are in directory SimTel/msdos/pktdrvr pktd11.zip (November 23, 1993 | 435420 bytes) pktd11a.zip (November 23, 1993 | 326152 bytes) pktd11b.zip (November 23, 1993 | 344847 bytes) pktd11c.zip (December 14, 1993 | 81834 bytes). An early version of this document (dated February 9, 1994) was published in the "Toolkit" section of the March 14, 1994 issue of "Global Network News." GNN is part of the "Global Network Navigator," a World Wide Web publication of O'Reilly Associates. Articles in GNN are aimed at the reader with a general interest in the Internet and networked information. You can read GNN by pointing Mosaic or Cello at http://www.wimsey.com/gnn/gnn.html. The most recent plain text version of "Windows and TCP/IP for Internet access" is available by anonymous FTP from nebula.lib.vt.edu in the directory /pub/windows/winsock under the name wtcpip**.asc. For instance, this version has the name wtcpip06.asc. A more frequently revised hypertext version is available at http://learning.lib.vt.edu/wintcpip/wintcpip.html. ================================================================ I thank each of you who sent me personal messages following the postings of earlier versions of this evolving document. I have now received e-mail about this document from individuals on seven continents. Thanks to AJO at McMurdo Station for sending me a message from Antarctica. I am grateful that I have been able to help many of you, and I appreciate the suggestions and information you have sent me. My efforts in producing this document can be only a small and indirect repayment of the debt I owe to the developers who produce this software and to the many Internet users who are so willing to share information and expertise. Please send error reports to me at hmkriz@vt.edu. I would be grateful for suggestions for improvements and additions to this document. Thanks again to everyone who replied to my beginner's questions over the past eighteen months. I greatly appreciate your patience, and your willingness to share your knowledge. --Harry =================================================================----------------- SAY WHAT? LIBEL & DEFAMATION ON THE INTERNET By Eric Eden (r3eje@vm1.cc.uakron.edu) On the Internet, where abnormal behavior is the status quo, tempers can flare in the heat of debate and word wars can last for days or even weeks. It's not uncommon for users to ridicule, harass or insult those who disagree with them. But if you damage someone's reputation by trying to embarrass them in a public forum, you could be sued for libel or defamation. After all, there's no reason to assume that the messages you send through cyberspace are immune from lawsuits. "The Internet culture right now is for users to refute speech with speech," says Dave Marburger, the attorney who represented Brock Meeks in one of the first defamation lawsuits in the United States involving the Internet. "But as the Internet culture gets more diverse, users will start refuting speech with lawsuits." There have only been a handful of libel and defamation lawsuits filed involving the Internet so far, but as the Net grows, the number of lawsuits will probably increase. If the few court battles that have been decided involving libel and defamation on the Net are any indication of how the law will be applied to the Internet in the future, it's worth your time to learn what's libelous or defamatory on the Internet and what's not. Other users have the right to sue you for defamation if they can prove you damaged their reputation or good name with false information. You can be sued for libel if another user can prove you have distributed defamatory statements about them in a public area -- such as a news group or mailing list. In April of 1993 Gil Hardwick, an anthropologist in Australia, was ordered by the Australian Supreme Court to pay David Rindos $40,000 in damages because he defamed Rindos on an international mailing list. After Rindos lost his job at the University of West Australia, Hardwick posted a message in a discussion group for anthropologists that suggested Rindos was fired because he was a bully and had sexually molested a local boy. Rindos filed a defamation lawsuit against Hardwick because he felt the message had hurt his chances of finding a new job. In a letter to Rindos's attorney, Hardwick wrote "Let this matter be expedited and done with....I can do nothing to prevent it, lacking any resources whatsoever to defend myself." Like most people, Hardwick didn't have the money to hire a lawyer or finance an expensive legal battle. "He (Rindos) suffered a great deal of personal hurt because of the message," said Supreme Court Justice David Ipp in the West Australian. "The damages award must compensate him and vindicate his reputation to the public." The Internet is an informal forum and people often write personal things about other users, but you can be held accountable in court for making libelous or defamatory remarks in public forums just like Hardwick was. "We know that as the Internet grows, there will be more and more lawsuits involving libel and defamation," says attorney David H. Donaldson, editor of Legal Bytes, an electronic magazine that discusses legal issues involving computers and networking. "The only question is if the number of cases will grow steadily or if there will be an explosion of lawsuits all at once." Anybody can sue you for libel or defamation if they think you damaged their reputation, but if you can prove what you say is true, chances are that you won't end up in court. "Make it clear when you are stating your opinion," says Donaldson, "Always state the facts that your opinions are based on just to be safe. You probably won't lose a libel or defamation lawsuit if you can back up what you write with solid facts." For example, Brock Meeks, a full-time journalist who also distributes his own electronic magazine, avoided losing a defamation lawsuit largely because he could prove an article that he sent over the Net was true. Meeks was sued by Suarez Corporation Industries in April of 1994 for writing an investigative story about the company and its services in his electronic newsletter -- the CyberWire Dispatch. Meeks had no libel insurance, no publishing company backing him up and a lot of legal fees to cover. (His lawyer charged him $200 an hour.) The only thing Meeks had was his house -- and he didn't want to sell it to pay off a lawsuit. Meeks defended his article in numerous posts on the Net, "All of my facts were rock solid. Although the article was delivered with a fair amount of attitude, I don't believe that I'm in dangerous waters," he wrote. Benjamin Suarez, owner of Suarez Corp., filed the suit because he felt that Meeks had damaged his reputation and hurt his business by saying he was "infamous for his questionable direct marketing scams," and saying "he (Suarez) has a mean streak." To back up his opinion, Meeks cited accusations made by the Washington state attorney general's office concerning Suarez's direct marketing practices. In August of 1994 Suarez Corp. made Meeks an offer he couldn't refuse. They agreed to settle the case for $64 -- to cover administrative court costs. The company refused to comment on why they agreed to settle the lawsuit. If the case had gone to trial, Meeks's lawyer thinks Meeks would have been able to win anyway. "The defendants in libel or defamation suits involving the Internet have enhanced First Amendment rights," says Marburger. "The plaintiff has to prove actual malice. In other words, the plaintiff has to show that the defendant made false statements or was negligent." Marburger's only regret is that they didn't get to set that precedent in court. Although the Meeks case doesn't really mean anything in the law books, it does show that if you're responsible and can prove what you write on the Net is true, people will be less likely to take you to court. If you just make something up and your sources aren't reliable, you could lose big like Hardwick did. "You have to follow the same rules that journalists do if your going to write and distribute controversial material about other people," says Donaldson. The increasingly common phenomenon of online forums creates the possibility for you to reach large audiences, but it also creates the ability for you to commit defamation or libel -- something that an ordinary citizen didn't have to worry about in the past. before the growth of online communication, people who didn't work in the media usually didn't have to worry about libel or defamation. "Libel laws apply to the Internet the same way they do to newspapers and TV stations," explains former Federal Communications Commissioner Nicholas Johnson, a professor at the Iowa University school of law. "The same technology that gives you the power to share your opinion with thousands of people also qualifies you to be a defendant in a lawsuit." Like a newspaper or TV station, you are responsible for making sure the material you distribute -- or broadcast -- over the Internet is not libelous or defamatory. Lani Teshia-Miller never meant to defame anyone, but when she took over the distribution of a tattoo FAQ she almost ended up in court. The rec.arts.bodyart FAQ she inherited contained a lot of generalizations based on contributions from unattributed sources. Although she listed her name on the FAQ, she didn't edit out several defamatory statements. One review of a San Francisco tattoo artist in the FAQ said, "He's getting old and having problems with his eyesight. His quality is really bad and he hurts people." After the artist hired a lawyer and threatened to sue, Teshia- Miller changed the FAQ's wording to reflect a more factually-based and less-hysterical view. The review now says, "His eyesight is not what it used to be." After the FAQ was changed and Teshia-Miller apologized, the artist dropped the lawsuit. "It turned out to be a good experience for me," said Teshia- Miller. "I'm a lot more careful about what I allow on the artist list, and I now have a very long disclaimer at the beginning of the FAQ." Every person you write something negative about won't sue you for defamation or libel, they might flame you or just try to set the record straight by replying to the message. But if you post false information about another user and disgrace them in public, they have the right to take you to court -- and they could win a big settlement if they can prove you were negligent. Medphone, a Fortune 500 company that manufactures medical instruments, has filed a $200 million lawsuit against Prodigy user Peter DeNigis. Medphone filed a "systematic program for defamation and trade disparagement" lawsuit against DeNigis after a stockholder reported that he was making several negative posts about Medphone a day on Prodigy's Money Talk Forum. DeNigis, a former Medphone stockholder, lost more than $9,000 last year by selling off his investment in the company. In one post DeNigis wrote, "My research indicated the company is really having a difficult time. No case, no sales, no profits and terrible management. This company appears to be a fraud. Probably will cease operations soon." Although the accusation that Medphone is a "fraud" is very serious -- and potentially defamatory -- DeNigis might be able to win the lawsuit if he can prove what he wrote is true in court. "The Medphone case is a clear indication that libel and defamation is something for Internet users to think about," says Johnson. There are court cases in progress right now that will decide if access providers such as Prodigy, America Online and Compuserve are responsible for defamatory remarks broadcast over their services, but there is no legal ambiguity about whether individual users can be sued for making defamatory or libelous statements. Individual users are responsible for making sure the information they distribute is not libelous or defamatory. The Internet has made world wide, instantaneous communication easy. The average user now has the power to be heard by hundreds or even thousands of other users, but in terms of libel and defamation, the Net is not a new world of freedom. The reality is that libel and defamation laws are enforceable in the virtual world just like they are in the real world. # # # You may distribute this article freely for non-profit purposes. Otherwise contact the author (Eric Eden -- R3eje@vm1.cc.uakron.edu) for reprint permission. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% JACKING IN FROM THE "BACK FROM THE DEAD" PORT By Brock N. Meeks (brock@well.sf.ca.us) CyberWire Dispatch Copyright (c) 1994 Washington, DC -- Nothing chills -- or inflames -- the Net faster than when word of the dreaded "FCC Modem Tax" begins ooze through Cyberspace. Well... it's back. Sort of. Ruth Milkman, legal advisor to Federal Communications Commission Chairman Reed Hundt, said during a recent question and answer session that the agency might again take up the issue of the so-called modem tax. "Some years down the road I can see access fees [for enhanced service providers] being considered by the FCC," Milkman said during a phone interview. "But only under the scenario when access charges are reformed." These access charges are a kind of trip wire phrase which online activists have dubbed a "modem tax" when applied to enhanced service providers, which is another catch phrase meaning services like America Online and CompuServe. Milkman said the FCC would only consider an access charge under a very narrow scenario which would play out only if "enhanced service providers felt that by paying the access charges they weren't contributing to a subsidy scheme set up for (long distance phone companies)," Milkman said. So, what the hell is an "access charge"? Take a deep breath. Here goes: Access charges are paid by long distance companies to local telephone companies. Every time a company such as AT&T connects a caller in Des Moines with Uncle Bert in New York, it has to pay Nynex, the local telephone company, a fee for the privilege of carrying that long distance call over their facilities, commonly known as the "local loop." Long distance companies pay up to 40% of their entire revenues to local telephone companies. That's billions and billions of dollars each year that flow into the hands of the Baby Bells, just for completing the calls. The access fees are set at artificially high rates because they contain a mind numbing set of complex subsidies, the most obvious one is that which underwrites the public policy known as "Universal Service." Back in the days when the FCC only had rotary dial phones (circa 1987) someone came up with the brilliant idea that because modem use was increasing at such a rapid pace, that maybe services such as Sprintlink (then known as telenet) and CompuServe should have to pay these access charges, too. After all, the FCC wonks postured, they carry long distance (modem) traffic over the phone lines? It would only be fair to have these "enhanced service providers" as they are known in FCC-speak, also help out the impoverished long distance phone companies underwrite Universal Service. Bingo. The hue and cry that went up from the online community (it wasn't yet called "the Net") was enormous. The major players -- Telenet and CompuServe -- quickly branded the plan as a "tax" and thus the phrase "modem tax" was born. Dire warnings went out: If the FCC succeeded in making enhanced service providers chip in for access fees, it would increase the cost of each hour of online time by at least $6 per hour. And remember, this was in the days when a 2,400-bps modem was the hottest thing going. Six bucks an hour would have demolished the struggling online industry. The fallout among the nascent online community was astounding. For the first time in history, the "net" community rose up with a single voice and FLOODED the FCC with protests. FCC official "filing kits" made the rounds, teaching people how to file official comments of protest. The ground swell of opposition worked. The FCC was buried in responses. At the time, the FCC said it was the hottest item in its history, garnering more response than any issue in history. The FCC eventually backed off. The reason: It was persuaded that enhanced service providers were still entrepreneurial companies and couldn't afford the burden of access fees. The proposal was officially dropped. It was the first major victory for the Net. And it was empowering. The online community became educated and enlightened almost over night to the ways of an arcane governmental agency. And this community was drunk with a heady kind of power: It could sufficiently affect the outcome of governmental regulation. Small catch: The damn "modem tax" issue wouldn't die. Someone with the brains of a trout began to circulate the now infamous "modem tax" file. The file claims that Jim Eason, a San Francisco radio talk show host had aired a segment in which he claimed to have inside information that the FCC was about to relaunch its "modem tax" proposal. The message was and is a HOAX. But it also has never died. It's the Net's first "urban myth" and like Freddie, it refuses to die, even to this day. Milkman, who was on-board at the FCC during the 1987 modem tax firefight, sighed when explaining the complex issue: "Part of the problem is that nobody is exactly sure what all the subsidies are. Most people agree that there are subsidies in the access charges, but you can't break out those subsidies exactly." Another factor in play: Sometimes enhanced service providers are really just reselling long distance transport after having bought large blocks of time from a major carrier like AT&T. Thus, to have these enhanced service providers also pay an access fee amounts to a kind of double-dipping, Milkman said. As it turns out, Congress might have as much to say about a future "modem tax" as the FCC. This twisted scenario turns on the tenuous grasp that everyone from the Vice President to Commerce Department to the FCC has on exactly what constitutes "Universal Service," in the era of the Information Superhighway. Revamping the 60 year old Communications Act of 1934 will be up to Congress this year. And they will likely do it. But how universal service is defined remains a big mystery. And who ends up paying for and maintaining that public policy (which isn't about to be abolished) also remains a mystery. Don't be surprised if, when the legislative smoke clears, not only do enhanced service providers -- America Online, CompuServe and Prodigy, et al -- have to pay access fees, but also your Internet provider and your cable company. And who do you think will end up catching those cost increases?? Right. Your wallet. But for now? Rest easy, Milkman says: "I want to make this very clear: There is NO docket [open] in which the Commission is proposing making enhanced service providers pay access charges. And I don't anticipate it coming up." Meeks out... %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% ANNOUNCING SLIPKNOT: Shareware dialup Web browser for Windows By Felix Kramer (felixk@panix.com) Dear Electronic Journalist How long will the World Wide Web be accessible to only a small fraction of dial-up users? I'm writing to tell you about a new and important application for Internet users that's was released last week, and that I think should be of interest to you (and perhaps to your readers.) In one sentence, it's a graphical Windows-based browser for the World Wide Web, for users with dial-up UNIX accounts -- but one that doesn't require SLIP, PPP or TCP/IP access. (You'll find a longer description below.) It's intended to expand and democratize access to the WWW to those with ordinary dial-up accounts -- at a time when TCP/IP access is available only to a small fraction of the online population. Until now, access to the hypermedia-based Web has been limited to those with SLIP, PPP or TCP/IP access, using Mosaic and similar browsers. That's only a small fraction of the online population--a few million at most, worldwide. Unless they were willing to go through considerable technical acrobatics, most people with dial-up UNIX accounts were locked out of the Web. Many of these people are accustomed to their UNIX tools for reading mail and news, and don't want to switch to SLIP even if their systems offer the option. (We may be talking about something over 20 million people worldwide, with service through their companies, schools, universities, or Internet Service providers.) In journalistic terms, there are several stories here: 1) As discussed above, SlipKnot will expand the population of users who can use the Web. 2) SlipKnot is pioneering in its distribution/sale policy. SlipKnot is restricted shareware in its first version from MicroMind, Inc. Until now, shareware has generally been distributed with a simple request for users to register; SlipKnot takes that one step further. It is restricted shareware. That means it is free for evaluation but with strong incentives to frequent users to register. After a period of frequent reminders, the software eventually turns itself off for nonregistering users. 3) Registration fees or on a sliding scale. For most, the cost is $29.95. But individuals outside Northern America, Europe and Japan will pay $20 to register. A portion of the receipts will go to support refugee organizations (Peter Brooks, the developer, came to the U.S. as a refugee). 4) SlipKnot is a case study in the new technology of virtual commerce. All promotion, distribution, and registration is being done online. No physical shrink-wrapped disk or manual is produced: users download the product with documentation. There is no paid advertising or direct mail: potential purchasers learn about it through online newsgroups, user groups, mailing lists, and through the press. There is no printed and mailed press kit: the media hears about it through electronic means -- e-mailed press materials and announcements. Registrants send in their addresses and payments through fax or encrypted e-mail, and their personal codes are returned to them by e-mail. All this is rapid, efficient, and economical. Below you'll find info on where to get it. If you want to see what others are saying about SlipKnot, we've attached some early reactions. **NOTE** This press kit is incomplete. To keep down the size of this message, and ensure that you get the most recent information, AT ANY TIME, you can automatically retrieve SlipKnot's features, list of limitations, and technical specifications for what SlipKnot requires on the user's computer and at the service provider, by sending a blank e-mail message to our autoreplying infobot: slipknot@micromind.com I'm a consultant to institutions interested in publishing on the net, and author of a book on electronic publishing as a business. I'm doing promotion for the release of SlipKnot. Feel free to forward this message to other journalists, movers and shakers on the net. If possible, please let me know if you're planning to run a story; if it's in online form, I'd be very grateful to get an e-mail copy; if in printed form, I'd appreciate getting a tear sheet mailed to me at 310 Riverside Drive, Suite 1519, New York, NY 10025. Please contact me or Peter Brooks (the developer, pbrooks@micromind.com) if you have any questions. In any stories, please do not publish my phone number; you can give out my e-mail address and fax number. Thanks in advance--Felix Kramer * * * * * * * * * * * * * * * * * * HOW TO GET SLIPKNOT * * * * * * * * * * * * * * * * * * SlipKnot 1.0, the World Wide Web browser for Windows dial-up users from MicroMind,Inc., is now available (right on schedule!) for anonymous ftp download at: ftp://oak.oakland.edu/SimTel/win3/internet/slnot100.zip or, if it's not too busy, from: ftp://ftp.netcom.com/pub/pbrooks/slipknot/slnot100.zip oak.oakland.edu has numerous mirror sites, so if you have any trouble getting it directly from there, please try the mirror sites. One mirror site is: ftp.uoknor.edu/mirrors/SimTel/win3/internet/slnot100.zip In the U.K. try: src.doc.ic.ac.uk/computing/systems/ibmpc/simtel-win3/internet/slnot100.zip In Australia try: ftp.bf.rmit.edu.au /pub/pc/www/slnot100.zip (If you don't get to it for a while, please look at the distribution site for the latest version file, that is, slnotxxx.zip -- where "xxx" indicates the Version of SlipKnot. So, for instance, Version 1.0 is slnot100.zip, and Version 1.35 will be slnot135.zip.) You can also get a FAQ, focusing primarily on common installation problems, at: ftp://interport.net/pub/pbrooks/slipknot/sntfaq1.txt * * * * * * * * * * * * * * * * * * * * WHAT PEOPLE HAVE SAID ABOUT SLIPKNOT SINCE ITS RELEASE IN LATE NOVEMBER (INDIVIDUALS FOLLOWED BY PRESS) (AFFILIATIONS FOR IDENTIFICATION ONLY) * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * UNSOLICITED COMMENTS FROM BETA TESTERS * * * * * * * * * * * * * * * * * * * * "SlipKnot is a godsend for those without slip."--Walter Rice, 11th grade student at Central High School, Philadelphia "I have really enjoyed SlipKnot. After trying for over a year to get Mosaic to work on my PC at home, I found SlipKnot easy to install and use. "--Mike McKee "This is a fun program. A LOT of magazines lately have been talking about Internet and the world wide web - and almost all of them say something like "To really delve into Internet - you'll need a SLIP or PPP connection." Get the word out about SlipKnot.. cause they're dead wrong. I have a shell account and it's got everything most people could want. I can read newsgroups, send/receive email, use telnet/ftp, download files, and (with SlipKnot) browse the World Wide Web! To be honest.. what else is there?"--Steve Crawford, MIS Manager for SpectraLink, Inc., Boulder, Colorado "I can use it with my dial-up and the price is certainly right--so I'm no longer lusting for a SLIP/PPP connection....If *I* can use this program so easily, anybody can....."--Kristi Olesen, author and parent "SlipKnot is simple to install, use and configure and wonderful in the sense that the wonders of the Internet are now truly available to me. As you can tell, I love this product. Thanks!"--Tami Duggan, Commonwealth Clinical Systems, Inc., Virginia "Keep up the good work. You've got a winner."--Steven Pitzl "Real slick....In general, the look and feel of SlipKnot is well-integrated & tight....Very cool setup....After looking at many web browsers, I must say y'all have a very unique browser, with a gorgeous interface, well-thought out and tightly integrated. And smooth. SlipKnot. I'm certainly telling everyone I know about it...."--Mark Garland, Civil Engineering Office, Santa Fe National Forest * * * * * * * * * * * * * * * * * * * * * REVIEWS FROM USENET AND MAIL TO MICROMIND * * * * * * * * * * * * * * * * * * * * * "Excellent software got it running with almost no problems. Congratulations."--Alan from United Kingdom "For a first release, Slipknot is amazing. It installed easily and worked first time."--Will from netcom "Overall, a really cool program, and quite clever."--SteveG from neosoft "This is exactly the program I've been searching for these past few months....While I loved the web browsing, I found I much preferred the Unix programs on my shell account. Now you've given me the best of both worlds. Thank you!"--Nelia from netcom "Solid as a rock."--Rajesh from Temple University "A really neat program! Saves me time charges on my SLIP account."--Larry from netcom "-- "Great Job Mr. Brooks ! well done !"--Amir from Bremen University, Germany "You've done an amazing job, without requiring the usual add-ons. I have spent hours with SlipKnot in many Web adventures and love the ability to toggle it when I want it and to use 'trn' and 'lynx' (the latter for form searches and for fastest text-response) and pine. So I'll get a check in the mail this week. Absolutely no GPF's, and your keyboard unfreeze resolved my one freeze in terminal."--Andrys from netcom ">One of the most exciting software programs I have seen lately."--Harald from Univ of Cincinnati "A major thumbs up!"--Darren from digex "Bravo!! What can I say? Seems to be a very stable, and actually pretty quick little program."--Mark from Pipeline "Wow! I've been spreading the word about Slipknot--I don't know when I've been more impressed with software in terms of the ease of use. Thanks again. I really think you've got a winner on your hands."--Steve from netcom "It worked! This is fantastic! I'm registering my copy ASAP. NOW I can see what everyone's so excited about."--Chris from tenet.edu "We are working on our Internet CD-ROM disc and would include your program as the user interface."--Stefan from Germany "Terrific work and a real contribution to the Internet community."--William from George Washington University "I've been using your software for the past five days and I just wanted to say how much I enjoy using it. BTW, I sent in my registration/check"--Warren from ncsc.mil "I think it's terrific, especially the ability to download WWW pages and group in folders for future reference off-line!"--Deb from digex "I'm very happy with SlipKnot and am enjoying seeing for the first time what all the fuss is about regarding the WWW."--Phil from panix "I can't say whether it's better than Mozilla, TIA, etc., but it sure turns a shell account into a multimedia banquet!"--Daniel Dern from world.std.com "I want to roundly condemn you for making and distributing this program. It is so simple and easy to use, has so many useful functions and works so flawlessly that I will probably spend many more hours in front of my computer than I should :-). Anyway, thank you for a superb web browser. Give yourself a gold star."--Mark from netcom "This is so cool, you could get frostbite from it."--William from Denver * * * * * * * * * * * * * * * * * * * * EARLY COMMENTS IN THE PRESS * * * * * * * * * * * * * * * * * * * * "Pure, unadulterated magic"--Daniel Dern, noted Internet analyst and author, "The Internet Guide For New Users" (McGraw-Hill, 1993) "Will SlipKnot cause a Web traffic explosion? SlipKnot is a MS-Windows Web browser that can be used with a dial-up shell account. Could this be the answer for those without a direct or Slip/PPP connection? SlipKnot is a very welcome addition to the Web tool box. It will make available the Web's graphical displays to a whole new group of Internet users.--Bob Stewart, The Virtual Mirror -- http://mirror.wwa.com/mirror/ "Its chief author, Peter Brooks...plans to sell SlipKnot as shareware. That means you download it free from an on-line service, try it out and if you decide to keep it, mail the programmer a check. Brooks plans to ask for $29.95. It's a steal....At the touch of a button, SlipKnot turned into a World Wide Web browser that in some ways worked better than Mosaic. It ran a little slower than Mosaic, but not much. And it works without the expense and trouble of a PPP account....SlipKnot is going to be a strong competitor."--Hiawatha Bray, Detroit Free Press, DFP Forum on Compuserve "Spurred by a desire to share the wonders of the Web with the vast dial-up population, developer Peter Brooks created SlipKnot....'We have a small lifetime worth of work in terms of features to include in the product,' Brooks confided. 'We will continue to improve it as time goes on.' "--Dianna Husum, WEBster, the Cyberspace Surfer "...A major technological breakthrough. SlipKnot is, as people used to say, 'for the manor woman on the street,' and it, and its successor software, will invite millions more people to the Web's vibrant new culture."--Joyce Lain Kennedy, LA Times Syndicate author, in Hookup/Get Hired, forthcoming from John Wiley & Sons in 1995 "One of the best features of this browser is its ability to retrieve documents in the background. According to MicroMind, SlipKnot is more than just a Web browser. This program allows for complete navigation of the Net and promises to bring Web access to almost all Internet users."--Patrick McKenna, Newsbytes "...for those trapped with terminal-emulation access to the Internet and salivating at the new stuff they hear is on the Web, this product is simply miraculous.--Richard Seltzer, Internet-on-a-Disk "One advantage is that whatever Web pages it gets, it keeps them until you decide to delete them. Once you're offline, you can go back and review pages you had browsed while online. You can keep as many pages as your available computer memory allows. SlipKnot is amazing. When it was first announced on Internet, I was skeptical whether such a program could work. Now, I'm a beiever."--John Fisher, Bucks County Times Courier SlipKnot has appeared in the National Center for Supercomputing Applications (NCSA) "What's New Page", Computer Underground Digest, and the Usenet moderated newsgroups comp.newprod & comp.internet.net-happenings * * * * * * * * * * * * * * * * * * SLIPKNOT AS SHAREWARE * * * * * * * * * * * * * * * * * * SlipKnot is published as restricted shareware, free for evaluation but with strong incentives to frequent users to register at a cost of $29.95 to most people. Individuals outside Northern America, Europe and Japan will be asked to pay $20 to register. And 10% of the receipts will go to support refugee organizations. Our shareware evaluation policy is that users who have displayed/retrieved over 300 documents are no longer evaluating the software (this should take about 2 months of typical usage) and will be asked to register within 30 days -- with an additional 21-day grace period if they start the registration process. We hope that few users will object to the policy, given the price of the software. * * * * * * * * * * * * * * * * * * * * * * NOTE FROM PETER BROOKS, SLIPKNOT DEVELOPER * * * * * * * * * * * * * * * * * * * * * * SlipKnot was created because there was, at that time, no other alternative to accessing the World Wide Web graphically if you did not have SLIP or PPP or TCP/IP access. Having analyzed Mosaic and some of its competitors, I concluded that all of these browsers were designed for people with very rapid communications channels into the Internet, not modem users. Even if you have SLIP access, most of these browsers do not allow you to save entire documents (with the included pictures), forcing you to retrieve the documents again whenever you wish to take a full look at them -- eliminating the possibility of demonstrating WWW without being online. It takes a while to retrieve any document by modem with any browser, and you shouldn't have to do this more than once. The Web is a remarkable human construct and a truly a wondrous place. I hope that SlipKnot brings you the magic of the Web, and that you become as astounded by it as I am. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ABOUT MICROMIND * * * * * * * * * * * * * * * * * * * * * * * * * * * * * MicroMind, Inc. is a New York City-based software development company with six major products developed and released for the international market, including: * RUN/C -- the world's first interpreter for the C language -- sold in the U.S. and Japan. 20,000 copies sold at $250. * OL2 -- a product to duplicate the functionality of Sharp Electronics' Wizard Electronic Organizer on a desktop computer -- marketed by Sharp worldwide. Over 150,000 copies sold at $100. PETER BROOKS, President of MicroMind and author of SlipKnot, has over 25 years of software development experience. * * * * * * * * * * * * * * * * * * FEEDBACK * * * * * * * * * * * * * * * * * * To facilitate communication and support, we are asking users to post comments and responses about SlipKnot only to the following Usenet newsgroup: comp.infosystems.www.users. At any time, for the latest SlipKnot information and a list of features, either point your WWW browser (lynx is fine) to: http://www.interport.net/slipknot/slipknot.html or send a blank e-mail message to: slipknot@micromind.com. Please direct any press or distribution questions to felixk@panix.com. vox: 212/866-4864. fax: 212/866-5527 Please direct any technical questions to: slpstaff@micromind.com Mail to Peter Brooks can be sent to: pbrooks@micromind.com fax: 212/864-0436 SlipKnot is Trademarked by MicroMind, Inc. This document (c) 1994 by MicroMind, Inc. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * Felix Kramer/Kramer Communications NYC-based electronic publishing & journalism Online promotion & marketing e-mail: felixk@panix.com or felixkramr@aol.com voice: 212/866-4864 fax: 212/866-5527 * * * * * * * * * * * * * * * * * * * * * * * * * * * * *----------------- TELECOMMUNICATION SECURITY By Howard Fuhs Copyright (C) 7/1994 by Howard Fuhs Howard Fuhs Elektronik Rheingaustr. 152 65203 Wiesbaden - Biebrich Germany Tel: +49 611 67713 D2: +49 172 6164336 Fax: +49 611 603789 CompuServe: 100120,503 Internet: 100120.503@compuserve.com The material presented is implicitly copyrighted under various national and international laws and is for information purposes only. Information in this document is subject to change without notice and does not represent a commitment on the part of Howard Fuhs Elektronik. Free public distribution is permitted with the following conditions: 1) No editing of any kind is permitted! 2) Distribute the entire document, as is, or do not distribute at all! 3) No fee of any kind may be charged for such copying. "Media and other Service Charges", such as those charged by user groups and commercial entities, are not allowed! 4) It's source and co-operative nature should be duly referenced. No part of this publication may be published by Magazines, Journals or any other professional non-profit or profit organization in any form, without prior written permission from Howard Fuhs. 1. Abstract 2. The Underground 2.1 The Technical Equipment 2.1.1 Red Box, Blue Box and other boxes 2.1.2 War Dialer 2.1.3 Modem 2.1.4 Legal Tone Dialer 2.1.5 Lock Picks 2.1.6 Scanner 3. Potential Targets 3.1 Dial-In Lines with Modem 3.1.1 Countermeasures 3.2 Toll Free Numbers 3.2.1 Toll Free Number for Marketing Purposes 3.2.2 Toll Free Numbers with Dial Out Lines 3.3 Voice Mailbox Systems 3.4 Wireless Phones 3.5 Pager Systems 3.6 Shoulder Surfing 3.7 Answering Machines 4. How/where do they get their Informations? 4.1 Social Engineering 4.2 Trashing 4.3 Underground Publications 4.4 World-wide Computer Networks 4.5 Internal Computer Networks of Telecom Companies 5. Conclusions 1. ABSTRACT ----------- Everybody is discussing Data Security, Computer Security and Anti-Virus Measures to make certain that systems and data remain clean and safe. Companies spend considerable amounts of money and time on data security experts, fail-safe plans, security hardware and software but often forget a major leak in their security plans: Telecommunication Security. Many companies argue that the local telecom company is responsible for telecom security, and at first sight they are right. But the problem of telecom security is more complex than even the telecom companies will admit. Especially government operated telecom companies have a tendency to take telecom security somewhat lightly, and it can happen that they won't believe you even if you can demonstrate the weaknesses of their systems (this actually did happen in Germany). Their official statement is always: "Our system is secure and not vulnerable". If the lines and switching systems are vulnerable, it is the responsibility of the telecom company to correct this. The average telecom customer has little or no influence on this level of security, but what about telephone equipment owned and operated by other companies? This type of equipment is also vulnerable, in many cases more vulnerable than telecom lines and switching systems. In this case it is the responsibility of the company owning the equipment to prevent misuse of the installed system or network. Most companies do not even know that their telecom equipment is vulnerable. To close that security gap it is necessary to know which techniques to use and whom to deal with. 2. THE UNDERGROUND ------------------ People who try to break the security of telecom systems call themselves "phreaks" or "phreakers". Phreaks are usually technically very knowledgeable about telephone systems, and their main intention is to make calls around the world free of charge. Whether an individual, the telephone company or some other company has to pay for their abuse does not concern them. Phone phreaks often look for companies operating dial-in lines with modems, toll free numbers or voice mailbox systems, because they assume that the telephone bill of a company of this character is so high that the abuse of the system will not be detected because of a slightly increased bill. Often phreaks are organized in loose groups and most of them are trading their secrets over computer networks to other interested phreaks. This means that if someone discovers a new and interesting or challenging telephone number, information about it is often spread all over Europe within 24 hours. The consequence of dissemination of this type of information is that an increasing number of phreaks will try to abuse the published telephone number or telephone system. If the misuse is only detectable through an increasing telephone bill, it may go undetected for several months in the worst cases, depending on the frequency of invoicing used by the utility supplier. 2.1 THE TECHNICAL EQUIPMENT --------------------------- The computer underground, in that case better known as the phreakers, uses a wide variety of electronic gadgets, gizmos and devices to abuse telecom equipment and lines, to manipulate switching systems and to break through digital firewalls. Knowledge of these devices is very important for company security staff because they must know what to look for. 2.1.1 RED BOX, BLUE BOX, WHITE BOX AND OTHER BOXES -------------------------------------------------- All these colourfully named boxes are devices designed to cheat telecom equipment. Most of them are (sometimes modified) tone dialers or self-made electronic devices, all having several functions. To provide free calls from public phone booths one of the types is able to emulate the insertion of a coin (works only in the USA), another box can emulate the audible code-signals used to communicate between switching systems or to switch the telephone line into special modes (which differ from system to system) for maintenance staff, who normally has more privileges in a telecom switching system than ordinary users. Boxes are also available to send a false caller ID to telecom equipment used to display the telephone number of the caller. Also most private telecom equipment may be programed by means of such a tone-dialer or box. The consequence is that a phreaker is able to alter the program and thus work mode of telecom equipment in a company from a remote location. All these types of boxes are described in underground publications, and they are relatively easy to build or to modify. A serious legal problem in connection with these boxes is that their use is not traceable under normal circumstances. The phreaker is over 98% sure not to get caught. Even if he should get caught it is hard to produce legal evidence proving his abuse of telecom lines and equipment. In most cases an expert is needed to identify a suspicious device as being in fact a box intended to misuse telecom lines. Possession of such devices is only illegal in a few countries (USA, Canada). 2.1.2 WAR DIALER ----------------- A war dialer is a computer program used to automatically dial all telephone numbers within a range defined by the phreaker using it. While doing this the war dialer produces a log file listing for each individual number who or what picked up the phone (modem, human, busy, fax, not in use, etc.). Log files of this type, listing interesting free-call numbers, are regularly posted on some computer networks and thus made publicly available. List keepers in nearly every country with toll free numbers update this type of log file at least on a monthly basis. In some countries (e.g. the USA) war dialers are illegal. In one case innocent-looking software was used to hide a war dialer. A password was simply needed to invoke the hidden function of the war dialer, and everybody who had seen the movie "War games" knew the password (the name of Prof. Falken's son). 2.1.3 MODEM ----------- A modem is a widespread hardware device and not primarily intended to be used for something illegal. In most cases, however, a modem may be used to war-dial numbers without a special war-dial program, and without technical alterations it can also emulate tones, which can be used to cheat switching systems. A modem is also necessary to hack computer systems etc. 2.1.4 LEGAL TONE DIALER ------------------------ A legal tone dialer is a small device, which is usually delivered together with an answering machine for remote control. It looks like a small pocket calculator and has the capability to store a lot of phone numbers together with the names and addresses of the people. Even these legal tone dialers are able to cheat a telephone system. For a long period of time it was possible in Germany to make phone calls from a public pay phone without paying for the call. You just lifted the handset and dialled the number using the tone dial device, and you got your connection. The weakness of that pay phone system was that a coin needed to be inserted in order to enable the keypad of the pay phone. Thus, when you did not need the keypad to dial the number, no coin was needed and the security system was circumvented in a very easy manner... Completely legal tone dial devices can be altered to produce the tones needed to cheat the switching system. A Radio Shack dialer was alterable in such a way, for instance. The only thing needed was to replace a crystal used to define the tone frequencies and it was possible to transmit the tones needed for communication between two switching sites. 2.1.5 LOCK PICKS ---------------- "What do lock picks have to do with telecom misuse?", you will ask. A lot, as will be demonstrated! It is very interesting to see that a lot of phreakers (especially in America) are skilled lock pickers. Even telecom companies are getting wise and have begun to lock up all kinds of telecom cable boxes and small switching stations situated in public areas and not under constant surveillance. However, our enterprising phreaker occasionally needs access to this type of installation, and if he were to use a device that damages the lock, everybody would know at first sight that someone broke into the installation. Destroying the lock also means making noise, which could attract curious bystanders or even (worst case for the phreaker) the police. A lock picking set is not going to ruin your budget. It takes a lot of practice to use, and it opens nearly every cheap and/or simply designed lock. For organizations and companies it is mandatory to choose the best locks available, even if they are more expensive than simple ones. It only takes a few design changes to make a lock unpickable. This forces the phreaker to destroy the lock (thereby making the violation evident) or to give up. For advice or support contact a security expert or a professional locksmith. Once the phreaker has gained physical access to the installation he is able to install any kind of cheating device, call diverters, remote switches or even a wiretapping device or small transmitter. Owning lock picks is not illegal, but using lock picks to gain unauthorized access of course is. 2.1.6 SCANNER ------------- Radio scanners are mainly used to find and listen to different frequencies in use. A modern scanner not larger than a pack of cigarettes can cover a frequency range from a few kHz up to 5 GHz. Scanners can be used to find the working frequencies of cordless phones or to listen to wiretapping devices. Many journalists are equipped with scanners to check the frequencies of police and fire departments. According to an EU regulation, the ownership of a scanner is legal. The usage of scanners is regulated in laws which differ from country to country. It is nearly impossible to prove the misuse of a scanner in court. 3. POTENTIAL TARGETS -------------------- In this paragraph it is explained what can happen to telecom equipment and telecom lines and how to avoid this misuse of important and expensive company resources. To prevent phreaking it is mandatory to know what constitute the main targets for phreaks, which techniques they use to sneak around security barriers and which security holes they use. To prevent this article from becoming a "Phreaker's Tutorial" the techniques used will only be described generally. This is no "technical in depth" article. Some technical facts and standards differ from country to country. This is not the case with the Euro-ISDN standard and GSM. If there is an urgent need for technical support or advice against phreakers it is strongly recommend to contact security experts in the field of data and telecom security. 3.1 DIAL IN LINES WITH MODEM ---------------------------- If a phreaker locates a dial-in telephone line with a modem, he will probably switch himself into hacker mode and attempt to hack it, trying to gain access to the company computer system. If he is not a skilled hacker he will trade his new-found information to a person with more knowledge. If he successfully hacks the computer system, he is often able to alter, copy or delete data, read confidential files, read private E-Mail, spread vira or even shut down the whole system. He will usually look for passwords, network connections or gateways to networks like the Internet or other world-wide networks and E-Mail services. If there are any gateways to other networks, he will start using them and thus increase the usage costs for the particular network. It is very likely that the hacker/phreaker will use all features of the company computers, networks and gateways to international networks. The simple reason is that he does not have to pay for the use. Even though it may be evident that a hacker/phreaker has gained access to the corporate computer-network via a telephone line it is very difficult to find that person. In cases like this it is necessary to work together with the local police and the telephone company. The person in charge of the co-operation between your company and the local authorities should be your data security specialist. If there is no person in your company that is able to cope with a problem of this type, it is strongly recommended to get advice from a professional data security expert. He knows what to do and has the necessary connections to police and telecom companies. The telephone company has the technical equipment and can obtain permission to trace a telephone call, and line tracing is the most successful method to detect an intruder. Furthermore, it produces valuable evidence that can be presented in court. If it is necessary to install a wiretapping device this must be done by police after obtaining a warrant. For a company to take this type of action itself, would in most cases be a violation of the law and thus very risky business. Even if the company is able to detect the phreaker, it would not be able to present the evidence in court, and there would be no possibility to sue the illegal intruder. 3.1.1 COUNTERMEASURES --------------------- First step to prevent this type of damage is to close the security gap, e.g. by means of a password program. This must ask for the name of the user and for a password. The password should have a minimum length of six characters and all ASCII and/or ANSI characters should be allowed. The program should also look for forbidden passwords like "abcde" or "qwertz". After three attempt to gain access using an invalid user name or password the program must inform the system administrator automatically. If the user name is valid but the password not, the password program must cancel all access rights for the user who is trying to gain access with an invalid password. All users should be educated about how to choose a secure password or how to build up his own private password selection scheme. A personal mnemonic scheme like that is very helpful, because it serves to prevent stupid and easy-to-guess passwords and valid passwords from being written on Post-It papers stuck to the monitor. A password generator can also be helpful. This type of program generates random passwords, which are difficult to guess or hack (or remember). Next step would be to use a call-back device (integrated in many advanced modems). It functions by allowing users to call a particular telephone number and type a password to the modem, which subsequently hangs up. After validating the user name and password the computer will call the user, using a fixed telephone number either stored in modem or computer. The user again has to type the correct password and is then granted access. For the method to be secure, at least two different telephone lines must be used in order to place the call-back on a different line. Using only one line is not 100% fool-proof. Under these circumstances a call-back device can be circumvented by a skilled phreaker by reprogramming the telecom switching system. In modern digital switching systems it is possible to use the extended services to program a call diverter, so that when a particular telephone number is dialled, the call is in fact automatically redirected to a different subscriber. Call diverter functions are integrated in digital switching systems and Euro-ISDN. Many cases are known, in which a phreaker has used the call diverter functions to fool call-back devices and redirect calls to his home phone. One of the most secure ways to prevent intrusion is a hardware security protocol for caller authentication and log-in procedure. This modem access control and security hardware is installed in front of the host modem. Callers needs a hardware key, e.g. a dongle, a chip card or a PCMCIA Card installed in his computer in order to gain access to the host computer. This type of modem access control system first verifies the presence and authenticity of the hardware key. Only after successful completion of this procedure is the user asked for his personal password. The described modem access control system is also available for network access control to verify local users during their log-in procedure to a network. To prevent theft of information because of wiretapping of telephone lines used for data communication, a good modem access security and control system should be able to scramble and encrypt the transmitted data. This kind of encryption is most often performed by an onboard chip and not by software running on the computer system, although both types are known. This can be a factor of importance, because software en/decryption slows down a computer system as the number of dial-in lines is increased. It is recommended to use all the above described techniques in combination to prevent illegal intrusion by a phreaker/hacker. 3.2 TOLL FREE NUMBERS --------------------- Toll free numbers are a very attractive target for phreakers, because it costs nothing to call a number like that, incoming calls being paid for by the company operating the toll free number. It doesn't even cost anything to scan all available toll free numbers to find out who or what picks up the phone. So it is easy to find out which numbers are connected to fax machines, modems, are not in use, are used in voice mailbox systems, etc. To perform the scanning, the phreaker needs about one night and a "war dialer" scanning program as described above. Toll free numbers can normally be divided into a few groups with different purposes. 3.2.1 TOLL FREE NUMBER FOR MARKETING PURPOSES --------------------------------------------- This type of number is normally connected to a play-back device, which plays a promotion text when called. These numbers are often promoted in big advertisements in newsletters and journals and normally only available for a couple of weeks. It would be totally wrong to assume a number like that to be without risk. The following incident happened during a large German electronics and computer exhibition: A leading software company advertised a toll-free number to call for information about the computer virus problem. Each caller heard a tape with information denouncing ownership and distribution of illegal copies of software, emphasizing the risk of catching a computer virus. The advertisements were placed in journals normally read by business people and not by phreakers. After the number had been propagated by a phreaker through computer-networks like the FIDO net, more and more people started to call it with a war-dialer. The result was a rapidly increasing telephone bill for the company, because when the war-dialers called the number, the phone was picked up by the play-back device and the telecom company added one more call to the bill. The war-dialers hung up the phone a few seconds later and started to dial the same number again. This unexpected massive cost overrun forced the software company to shut down the line after a very short period of time. In a case such as this nothing can be done to prevent that kind of misuse. 3.2.2 TOLL FREE NUMBER WITH DIAL OUT LINES ------------------------------------------ A toll-free number with dial-out lines will attract phreakers like honey a brown bear. These systems are mainly used to limit expenses in companies, whose employees travel extensively. They make it possible for the employees to reach their company free of charge (the company pays for the call), and they can place (often world wide) calls by means of the dial-out function of the toll-free number. These calls are debited the company. Phreakers use the system the same way the employees do. They route all their calls through a toll-free system with dial-out lines, because this costs the phreaker nothing. The company thus targeted has to pay the expenses. Two things can be done to prevent misuse of this type of system. First of all it is mandatory to keep the toll free number with all its functions secret. Regular users should be informed on a need-to-know basis. They also should be told to keep the number secret. Keeping the number secret, however, does not mean that it will not be detected by phreakers. Bear in mind that it costs a phreaker nothing to scan for toll-free numbers on a regular base (eg. each month). The second thing to do is to secure the system with individual access codes, which must be entered through the telephone key-pad. The length of this individual access code must be minimum 6 digits. Currently, most toll-free systems with dial out lines are not protected by access codes. Most companies rely on no strangers calling the toll-free number and attempting to invoke hidden functions by trial and error. This is a false sense of security. All phreakers try out things like this, because it costs them no money to mess around with the system for as long as they want. In principle they have all the time they want to look for hidden functions. Most of the functions like dial-out lines are invoked by pressing one single digit on the key-pad. A few systems use two digits. This despite the fact that it will only take a phreaker a few minutes to discover how to (mis)use a toll-free system. In the worst of cases the toll-free system even features a voice menu telling callers which options are available in the system. In this case it is not even necessary to use trial and error. If it is suspected that a phreaker misuses a toll-free system with dial-out lines it is best to contact the police and take legal action. The police in co-operation with the telecom company possesses the technical and legal means to trace the phreaker. 3.3 VOICE MAILBOX SYSTEMS -------------------------- For the past few years the use of voice mailbox systems in Europe has been increasing. Voice mailbox systems must be divided into two different types: Toll-free voice mailbox systems used by many types of companies, and voice mailbox systems from companies providing party lines, dating lines and other, mostly expensive, services. Normally a phreaker will primarily select the toll-free voice mailbox system. If no toll-free voice mailbox is available he probably has the knowledge and the technical capability to call a voice mailbox of a service provider in an illegal toll-free way. The problem, however, is not which voice mailbox system he will call, but how he will use it. To understand how to misuse a voice mailbox system, the basic system use must be understood. A voice mailbox is like a house. When you enter the house your host welcomes you. The host in this case is a voice menu explaining all the functions of the system. To choose one of these functions you just have to press the corresponding button of the key-pad. Having made a selection you will leave the entrance and enter a "room". Each room is dedicated to a special topic. Topics can be live discussions with as many people as are in the room, public message areas, private message areas, playing a game, etc. A large voice mailbox system can have more than 100 different "rooms". If the number is not toll free, the phreaker uses techniques to call the voice mailbox system free of charge anyway. If the voice mailbox is interesting, easy to hack and fits his needs, the phreaker has a lot of uses for such a system. It has been evidenced by court trials that phreakers use voice mailbox systems as their "headquarters", to meet, to discuss, to have conferences with up to 20 persons participating at the same time, to leave messages to other phreakers or to deposit and share knowledge. They waste system resources without paying for it. In some cases all dial-in lines were busy, so no paying customer was able to connect to the system. It is also interesting to see how the phreakers used system resources. As mentioned above, a voice mailbox is like a house, a house with easy-to-pick or no locks in the doors. The business of the service provider requires the voice mailbox to be easy to use without big security installations. The voice mailbox must be an open house for everybody, and that makes it easy for the phreaker. First a phreaker will look for hidden functions in the voice mailbox. Hidden functions are normally used to reprogram the voice mailbox from a remote location. Commonly, hidden functions are available to increase the security level of certain rooms and for creating new rooms with new possibilities and features. With knowledge of the hidden functions of a system, the phreaker can create new rooms for meetings with other phreakers, and he is able to raise the security level of such rooms so that only insiders can gain access. Increasing the security level means assigning an access code to a room. Without knowledge of the access code the room cannot be entered. Thus, he is able to create a voice mailbox inside the voice mailbox for a closed user group, "Entrance for phreakers only". This voice mailbox for phreakers can be used to post calling card numbers, private messages for other phreakers, the newest access codes for other voice mailbox systems, the newest tricks on how to cheat the telephone system, etc. All owners of voice mailbox systems can do is to watch the traffic inside his system and look for changes such new rooms suddenly appearing. From a practical point of view it is very difficult to increase the security of a voice mailbox without causing problems for paying users. In case of misuse it is necessary to co-operate with a security expert and the local authorities to limit financial losses. 3.4 CORDLESS PHONES ------------------- It is very easy today to set up a complete telephone system in a small company, using only cordless telephones and that is one of the reasons for the sales of cordless phones rapidly increasing throughout Europe. However, only a few people know how dangerous it can be to use a cordless phone, especially for company purposes. This type of wireless phones can be divided into two groups. The first group employs a transmission frequency around 48 MHz and is mainly used in the USA. It can be used legally in some European countries as well. The second group employs a frequency in the 870 - 940 MHz range. This type is mainly used in European countries. The first major problem with wireless phones is that anybody with a suitable scanner can listen in on the conversation. A good scanner needs less than 30 seconds to find the correct frequency. This is a major weakness inherent to these systems, which can of course be fatal to a company. A new standard for European cordless phones (870 - 940 MHz) has emerged. These phones automatically scramble the transmitted signal between handset and base station. With this system in place, nobody with a scanner can stumble over the phone conversation by accident, but this standard still is not foolproof. The scrambling method employed by the system can comparatively easily be circumvented by a knowledgeable person with only a minimum of extra hardware. The American type cordless telephones (48 - 49 MHz) are the most unsecure devices available. They can easily be scanned as described as mentioned above. There is no signal scrambling standard, and they do not even check to see the handset and the base station in use match each other. Only very few cordless phones allow signal scrambling at all. In most cases this is just an option, the scrambling device must be bought separately and this is designed in a very cheap and thoroughly unsecure manner. It is no problem to circumvent this quality of scrambling with a little hardware. 99% of the American phones are without any scrambling option, they can't be made more secure, even if the customer wishes to do so. This cordless phone type opens the door to the possibility of misuse of a very special character because of a major system design flaw. Handset and base station are communicating on a fixed frequency between 48 and 49 MHz. The problem is that a handset works with all base stations set to the same frequency as the handset. It has become very popular in the USA when making a call first to switch off the base station and check if there is another basis station in the area, which can be reached by the handset. In this case it is very easy to use a base station belonging to someone else. And this person has to pay for the phone calls made by a stranger in the same house or area. It has also been seen that handsets were modified in a way so as to work on different frequencies, thus enabling the owner of the handset to make phone calls through a number of different base stations in his area. The usual range of a cordless phone is about 300 meters. To prevent this kind of misuse the European cordless telephones are working in a slightly different way. The first difference is that the phone does not use a single fixed frequency. European phones are using a wide range of frequencies which are divided into channels. When the handset is picked up, it first finds out which channels are in use and which are available. The first available channel will be used. The next built-in security is a validation between handset and base station. Every few seconds the handset is checking, if it is using a base station having a correct id-number and vice versa. If the handset or the base station does not receive the correct id-number the connection will be disconnected immediately. This feature makes it nearly impossible that a handset uses two or more different base stations within its range. The usual range of an European cordless phone is about 300 meters in an area free of obstructions, and about 50 meters inside buildings. 3.5 PAGER SYSTEMS ----------------- Pager systems are not directly abuseable, but if the pager in use has a character display so that it can receive complete messages or telephone numbers and not just beep, the messages are subject to easy interception by a person with the necessary knowledge and hardware. Telephone numbers have been known to be intercepted by "prankster", who later called the numbers and was rude to whoever answered. This has happened in the USA, but no European cases are known to the author. Nothing can be done to prevent this kind of misuse. 3.6 SHOULDER SURFING -------------------- A phreaker is mainly interested in making telephone calls without having to pay, and in our modern world of plastic money it is very easy for skilled people to accomplish this. To achieve his goal, a phreak is always looking for Calling Card Codes. Major international telephone companies (like AT&T, MCI, SPRINT and also the German TELEKOM) are issuing calling cards to interested customers. Just dial the service number of the telecom company and give them your credit card number and you will get your calling card. Using a calling card is very easy. Dial the toll-free number specified by the calling card company and the operator will ask you for your calling card number and the phone number you wish to call. In some cases there is an automatic operator and the calling card number must be entered using the key-pad or tone dialer. After verification of the calling card number (similar to a credit card number) you will get connected immediately. If a card holder uses his calling card from a public phone all the phreaker has to do is spotting the number on the card, watching the number being entered on the key-pad or simply listening, if the number has to be told to an operator. Holders of calling cards should protect these the same way he protects credit cards. If the calling card number is spread about in the underground, a few thousand Dollars of damage to the holder of the card can easily be the result. If the card holder discovers that his calling card number is misused, he must notify the card issuing company immediately. The calling card number subsequently becomes invalid and a new calling card is issued to the card holder. However, until the card company has been notified, the holder is liable for the damage. 3.7 ANSWERING MACHINES ---------------------- Answering machines are nothing special. We are routinely using them every day without ever reading the operating manual. This is why we know almost nothing about a few special features built into most answering machines to make our lives more comfortable. One of these features is the remote access function used to check who called and left a message, or to change the message played back when people call. Remote access is accomplished by means of a tone dialer and a two or three digit access code. This fact makes it easy for a stranger to hack the access number within minutes, gain access to the answering machine and listen to the recorded messages. The default factory access code setting for most answering machines is no big secret among phreakers. There is also a digit sequence for three digit access codes available, which fits 99% of the needs. This sequence was made by a tiny little Turbo Pascal program, and both were published over computer networks. For a couple of reasons it rarely ever happens that a phreaker tries to hack an answering machine. Firstly, it costs him money, because normally no private person owns a toll free number. Secondly, in 99% of the cases there are no big secrets to find on an answering machine. So, it's a waste of time for the phreaker. Another built-in feature of a modern answering machine is a monitoring option. This option is normally protected by a two or three digit code and allows a caller to listen to the room in which the answering machine is installed. This is a useful option for parents, who are away from home and want to learn what the children are doing (sleeping or partying), and it is a very useful option for a curious phreaker, who wishes to invade the privacy of people's homes. The problem gets even bigger when the answering machine is installed in a company office. In that case it is possible for the phreaker to obtain vital and confidential information about the company and its future plans. The only way to prevent misuse of these options and features is to buy an answering device without them. 4. HOW / WHERE DO THEY GET THEIR INFORMATION? --------------------------------------------- People often wonder what makes it possible to a phreaker to get his knowledge. There is nothing strange to it, however. It is a result of some tricky research or well-organized public libraries. Most of the information used by a phreaker is legally and freely accessible in libraries and book stores. Only in very few cases the phreaker has to behave like Jim Phelps in "Mission Impossible". The technical standards from the former telephone system standardizing organization CCITT constitute a very interesting source of information for a phreaker. They are available in every good university library and describe international telecom standards like tone frequencies (used to develop the coloured boxes). Most telecom companies are also publishing technical journals for service technicians. These journals are normally available to anybody, who might wish to subscribe. 4.1 SOCIAL ENGINEERING ---------------------- Some phreakers specialize in getting information through social engineering. Social engineering means in this case that a phreaker will phone up a person and pretend to be an employee of the telecom company (or some other important and well-known company), give an important reason for his call and subsequently ask for passwords, account numbers, technical data, specifications or whatever he is after. During his attempt to collect information the phreaker will appear very polite, trustworthy and adult even if he is just 16 years old. This type of information pillaging is done mostly by phone, and they are very often successful. First rule of telecom security to prevent misuse of social engineering. Nobody (!) needs your passwords, confidential account details, calling card numbers or any other type of confidential information. All requests for confidential information by phone should always be refused. People from telecom companies are able to identify themselves with special ID cards, and even these people do not need confidential information. If they need to test something they have their own service access accounts for telephone lines and switching systems. Again. Nobody has to ask for confidential information via telephone even if he gives very good reasons! 4.2 TRASHING ------------ In the course of court cases against prominent phreakers it has become evident that they went out to "trash" telecom companies or other targets, which had their interest. To "trash" in this connections means searching through trash cans for diskettes with software or papers carrying technical knowledge for insiders, telephone numbers, passwords, access codes, planned installations, etc., etc. The rule here is that no paper carrying information that could be important to outsiders should be thrown away. A good countermeasure is to install freely accessible paper shredders (e.g. one on each floor). Furthermore, the employees should be educated about paper security and advised to use the paper shredders. The important rule to apply here, and this particularly goes for old back-up diskettes and tapes, is: If it is not economical to guard it, it is economical to destroy it. In other words, any company policy regarding archiving must contain rules regarding destruction of old archives. Simply throwing these out is rarely sufficient. 4.3 UNDERGROUND PUBLICATIONS ---------------------------- Some people are publishing more or less regularly issued underground magazines about phreaking which are also distributed through modem accessible Bulletin Board Systems as computer files. Every phreaker is welcome to contribute articles for such an underground magazine. One of the foremost publications in this category is Phrack, which is so popular that it has received an ISSN number in the USA and is published on a regular basis. 4.4 WORLD-WIDE COMPUTER NETWORKS -------------------------------- There are only a few innovative phreakers in each country. These phreakers are developing the leading technology of phreaking. Most of them share their knowledge with other people interested in phreaking via computer networks and bulletin board systems. It is thus no big problem to find information about phreaking, which means that malicious information gets spread rapidly to a large audience. 4.5 INTERNAL COMPUTER NETWORKS OF TELECOM COMPANIES --------------------------------------------------- If the phreaker is also a skilled hacker he probably knows ways to access the internal computer network of a telecom company in search for informations. A famous case in the USA was the stealing and publishing of a document about the 911 Emergency Service from the computer network of a telecom company. This case ended in court. 5. CONCLUSIONS -------------- Telecom equipment is a vital resource for any company, and no company can permit a stranger to alter or abuse their telecom system. As described in this article there are many ways to abuse telecommunication equipment, and to prevent abuse from occurring it is absolutely necessary to check out the weakness and vulnerability of existing telecom systems. If it is planned to invest in new telecom equipment, a security plan should be made and the equipment tested before being bought and installed. Every serious manufacturer of telecom equipment will assist with answering the question of telecom security, but it is also recommended to consult a independent source of information, such as an information security expert. It is also mandatory to keep in mind that a technique which is described as safe today can be the most unsecure technique in the future. Therefore it is absolutely important to check the function of a security system once a year and if necessary update or replace it.----------------- OLD FREEDOMS AND NEW TECHNOLOGIES: The Evolution of Community Networking By Jay Weston (jweston@ccs.carleton.ca) This paper, with only minor variations, was delivered as a talk at the FREE SPEECH AND PRIVACY IN THE INFORMATION AGE Symposium, University of Waterloo, Canada, November 26, 1994. ---------------------------------------------------------------------- Copyright: This text is released to the public domain. No copyright restrictions apply. J. Weston ---------------------------------------------------------------------- North American society has had a lot to say on the distributed public media that we call the Internet, or simply the Net. And, in the past year or so, we have started to have a lot to say about what we've been saying. However, we haven't quite heard what we've been saying. We haven't heard because we are inexperienced in listening to each other this way. We are listening to the wrong things. Or, as Karl Popper once put it, we have been "like my dog, staring at my finger when I point to the door."(1) But, we can be forgiven for our misplaced attention to the Net. Since it was first observed that there just was not enough available bandwidth to let everybody send smoke signals or bang drums, we've been organizing and reorganizing to determine who would, and who would not, get their hands on the blankets and the drums -- and the presses, the microphones, and the cameras. As we moved through a few millennia, successive public communication technologies either began as, or very quickly were made to conform to, the extreme send:receive imbalances that, somewhere along the line, we started calling the mass media, or simply the media. It would be pedantic in the extreme to do more than note that these access restrictions now define all of the social relations of modern societies. Whole disciplines are organized around the understanding that all public and private institutions, all local and external spaces are bent by the constricted and compressed discourses of the mass media. Whether the analyses are celebratory or critical, whether their mass media interdependencies are made explicit or not, all analyses of modern society take the access constraints of the mass media as immutable. Public access to these media is simply not problematical. On the one hand, there are the media and, on the other, there are their audiences, consumers, constituents, and publics. Until very recently, there was no reason to imagine that questions would ever have to be asked about societies with abundant access to the means of media production, exhibition, distribution, and reproduction of cultural offerings. Suddenly, it is time to start imagining the questions. That is what the Internet is about. Some usually astute observers, among them Internet Society President Vinton Cerf and Microsoft CEO Bill Gates, are predicting that the twenty million now on the Net is only the beginning. Cerf predicts 100 million by 1998 (2) and Gates, in a recent interview, confided that his big mistake so far had been in underestimating the importance of the Internet (3). If they are right, if the hordes are going to start beating their drums in public, absolutely everything about the existing social order is about to be challenged. Not simply the mass media institutions, but all institutions. Everything is at stake. [If they are wrong, if the Internet is only the latest gizmology, then there is nothing to get intellectually excited about. We've been there before. For, as exciting or as terrifying as the prospect of a tiny 500 channel universe may be, it is just mass media business as usual, albeit new and unusual business.] Whether or not there will be 100 million or so people on the Internet by 1998 or so, will depend first, upon whether they want to be there and secondly, if they do, who will likely be trying to stop them, why will they be trying to stop them, and how will they be trying to stop them. As to the question of whether they will want to be, the Internet growth figures are familiar to us all. Steeply up to the right and getting steeper. This should be more than enough evidence that, given a chance, people are eager to be there. Curiously, this inconceivable growth has occurred despite the equally familiar observations that the Internet is difficult to access, hard to use, slow to respond and, what is mostly to be found there is banal or otherwise offensive, and hopelessly disorganized. This apparent contradiction of millions actively embracing cyberjunk cannot be resolved within the vocabulary of the mass media with their well-organized, familiar, marvellously honed content packages, that are so quickly and effortlessly available. Dismissive statements about the potential of the Internet that are based on the quality and delivery of content, cannot be resolved by debates about whether such statements are accurate or inaccurate. For some, judging the Internet by its content, the quality of its information, and the accuracy of its databases, is relevant and for others it is not. For those for whom it is not, the Internet is less about information or content, and more about relations. For the mass media, it is always just the opposite. The mass media are almost pure content, the relationship a rigidly frozen non-transaction, that insulates the few content producers or information providers from their audiences. This is how we experience and understand the mass media. If it were not so, we would not call them the mass media. Five hundred or 5,000 more unswitched, asymmetrical, "smart" channels will not change that. It is, on the other hand, impossible to understand much about the Internet's appeal by analyzing its content. The Internet is mostly about people finding their voice, speaking for themselves in a public way, and the content that carries this new relationship is of separate, even secondary, importance. The Internet is about people saying "Here I am and there you are." Even the expression of disagreement and hostility, the "flames" as they are called, at least says "You exist. I may disagree with you, or even dislike you, but you do exist." Mass media do not confirm existence, and cannot. The market audience exists, but the reader, listener or viewer does not.(4) This is not to argue that the content of the Internet is irrelevant. The content defines the relationship. People not only want to represent themselves, they ordinarily want to present themselves as well as they can. It would be cynical in the extreme to devalue these representations, the texts, the exhibited cultural products of tens of millions. It is rather to argue that the relational aspects of the transactions qualify and define the content in ways that need to be understood if the Internet it to be comprehended. Whatever the reason for millions speaking publicly, this condition was not part of the mass media problematic. It is unreasonable to think that merely tinkering with paradigms grounded in technologies of restricted access will permit a rich interrogation of the range of social relations provided for by technologies of unrestricted access. This call for a vocabulary that directly addresses the centrality of distributed public media is not a suggestion that paradigms that centrally situate mass media are somehow of less importance than they once were. If anything, their questions of access, production and representation are more critical, and even more challenging, than they were before distributed media raised the complexity of social relations. However, an expanded universe of mass media discourse that merely attempts to overlay distributed public networks upon the structured relationships of a mass mediated society, will lead us to misunderstand a society evolving with distributed public media. It is well-understood that, all social institutions have their relative certainties made possible by the centralizing power of the technologies of mass communication. The relative certainties that accompany attenuated access to the means of symbolic production is welded into the fabric of all institutional policies and practices. Assuming, then, that access to the means of cultural expression will be increasingly distributed, it follows that all of the institutions of modern society will be threatened or at least inconvenienced by this development. While expressions like "public involvement", and "participative democracy", are imbedded in our rhetorical traditions, their unquestionable acceptability has always been conditional upon their equally unquestionable non-attainability. The technologies of mass communication always ensured that involvement and participation would not be overdone. When the institutions that rose to power in the wake of the industrial revolution began to speak of the "information revolution", they only meant to digitize the modern industrial state. This non-revolution was Phase II of the old boys' operation, another remodeling of the modern apparatus. The "Information Highway" is the updated codeword for the modern retrofit. This was not supposed to be about a technological adventure that would reconfigure social relations or blur the well-constructed boundaries between the public and the private ground. This was supposed to be about a five hundred, not a one hundred million channel universe. The becoming Internet, this decentered polity, is an accident that happens to expand the locus of direct, self-mediated, daily political involvement. Those who previously had to make themselves presentable to the agencies of mass communication technologies in order to be represented by the technologies, have begun to publicly represent themselves. What was previously local, domestic, idiosyncratic and private can, for the first time, become external and public. This is an abrupt reversal of the mass media's progressive appropriation of the idiosyncratic and private for their own institutional purposes. Since this reversal was unimaginable, no contingency plans had been imagined for dealing with it. But, to the extent that the expansion of the public ground challenges become identified for any segment of the established order, these challenges will be met. It is axiomatic that the Internet and, by extension, public community networks can expect massive pressure to diminish or eliminate the identified destabalizing influences that these distributed media exert. If the Internet, with its changed relations of production and related exigencies, is signaling a coming Accidental Revolution, the contests and the casualties will be enormous. This symposium is about the skirmishes, battles and wars that have already started. All of these encounters are around the legitimacy of public self-expression, assembly, examination and privacy. These are the problematic of distributed public media, not of the mass media. Beyond our noting that they were lamentably unimportant, the concerns relating to freedom of speech were not central to a mass mediated society. Our familiarity with freedom of speech was almost entirely abstracted from the mass media accounts of their own experiences and the performances of their own legal departments. The mass media tested the limits of those freedoms for the speechless public. We are now in the beginning stages of defining the legitimacy of self- expression for ourselves. This represents a new set of concerns about the circumstance and substance of distributed media texts in all of their modes, the bases upon how it comes to happen that people 'speak' publicly, and what it is that they 'say'. The idea of 'assembly' and how it will happen that groups come to occupy territory and how they are distributed globally and locally assumes original importance, as decisions get made about what 'virtual communities' will be, and where they will situate. The privacy puzzles about the availability and use of all those sophisticated watching, listening, storing, sifting and intrusive devices are a humbling reminder of just how much our reach has exceeded our understanding of these technologies. How these matters are resolved will shape the distributed media and decide their social relevance. Community networks are contributing a broader distribution of voices as these puzzles begin to get worked out on the distributed media themselves, rather than only in the exclusive enclaves of special interests. This must continue and expand or the awakening of self- representation will be short lived. It would be wise to assume that there are not yet any 'rights', or that the old freedoms that were often hard won by the mass media, are now enshrined and will automatically transfer to distributed public media. Situating Community Networks If, as Bruce Sterling observed in the Afterward to his earlier work The Hacker Crackdown, "Three years in cyberspace is like thirty years anyplace real" (5) and, as events from thirty years past are often dimmed or forgotten, I hope you can forgive me for reminding you this morning that way back in November, 1991 the Canadian public had no access to the Internet. Moreover, there were no signs that the public would have any access. The steepness, even then, of that now overly familiar Internet growth curve was entirely attributable to new users from within their formal institutional settings. The universities, research institutes of the telecommunication giants, and a few government departments had the Internet as their private preserve and tightly controlled access to it, often denying entry to even their own (6). This control existed, even although the administration of these institutions were still marvellously unaware of what was going on in their basements. Though unintentional, the Internet was still a well-kept secret, its threat to the status quo still largely unrecognized. The commercial online services were busily avoiding the Internet, still building the firewalls around their own proprietary networks. Their fees were so high, and their services so meagre, that they were providing little incentive for the general public to even begin to experiment with their narrow networking offerings. The recurring telco dream of local metered service was a constant reminder that the Canadian public might never experience the Internet. Failure of poorly conceived commercial network services like Bell Canada's "Alex" and Australia Telecom's "Discovery" had convinced the telcos that not even the business community was ready for network services. The Canadian Network for the Advancement of Research, Industry and Education (CANARIE), as its name implied, betrayed no awareness that there might be people in this country. Even by the end of 1992 when CANARIE released its business and marketing plans, the hundreds of written pages devoted to its vision made almost no reference to the Internet, and carefully avoided the 'public' as serious participants in what the partners had in mind for the country.(7) These are but a few isolated examples of the evidence that the Internet had either not yet penetrated the collective institutional consciousness or was enjoying a brief period of benign neglect. For those who had experienced the Internet and begun to internalize even a small amount of what was happening, the general inattention seemed amazing, even eerie. One thing was very clear. With no public or private restrictive policies in place, if there was ever a brief moment when it might be possible to unleash the Internet in Canada, to really unconditionally distribute this distributed capability to the Canadian public, it was 1991. (The National Capital FreeNet and the Victoria Free-Net were not actually unleashed until late 1992, but the idea was developing in the autumn of 1991.)(8) The full stories of how the first Canadian community networks managed to uncage the Internet should probably be told some day. These stories need to be told to fill in the historical record, and to preempt any misconceptions that the development was simply blind luck or simply technology running its inevitable course. For now, it is enough to say that the freenet initiative in Canada was understood and intended from the very beginning as political action. At least, it was in the instance of the National Capital FreeNet, the community network where I live and, about which I am best able to speak. It was understood from the first, for instance, that the relatively narrow and concrete act of having electronic mail and Usenet newsgroups available, and at their real cost to the community, would ensure widespread acceptance, and that the acceptance rate would be stunning. It was also understood that once these were made freely available, it would be difficult to take global electronic mail away, or to introduce it at the leisurely rate and higher tariffs that are customary with market driven services. More importantly, it was understood that the inclusionary ideals and vocabulary of the Freenet would both protect and sustain the initiative after the private sector realized that a public market for networked services was being created for them. The National Capital FreeNet was an imagined public space, a dumb platform where all individuals, groups and organizations could represent themselves, where conflict and controversy could occur as the manifestation of conflict and controversy already occurring within the community. As a public space, no one, and certainly no group or institution, would be held responsible for another's ideology, moral standards, expectations or motivations. On the other hand, each person or organization would be accountable for themselves. Such a space could be constructed only by the community acting as a community, and not by any public or private organization acting on behalf of the community. At least that was the idea in 1991. Just three years later, the Net situation has changed dramatically. Although still unreasonably expensive, commercial Internet access is fairly readily available, and very shortly community networks like the National Capital FreeNet will not be needed, or even wanted, as Internet access points. FreeNets will have to become the vital, local public spaces they originally promised to be. Just calling the facility a community network does not make it one. The label does not ensure an unconditional public terrain where the whole community can celebrate its commonalities and diversities, and work through its differences. In 1991, there was not much urgency to focus on these ideals. Access to the existing and emerging Internet services, and at no involuntary cost, was enough to ensure a community network's success. It was not then understood by the community networks that this powerful Internet access lever would slip away so quickly. Community networks must now understood that they must be community networks. This means that they cannot be financed or run for the community by one or another institution. Although networks run by such organizations as universities, hospitals, telephone companies, or governments, often do not charge a fee, and always provide an array of valuable services, these are not the criteria by which community network can be usefully defined. Community networks run by other organizations are always conditionally invested with the values, missions, mandates, policies and procedures and other constraints necessarily imposed by the host institutions and, therefore, cannot ever provide a public terrain. No institution has a primary mandate to provide a public space where public opinion can be under construction. When freedom of expression is a secondary add-on, it is just that, and will be encouraged only so long as it is not in conflict with what the institution is primarily about. Today's youthful community networks, are better than they have any right to be this soon and are still our best hope, maybe our only hope, for a more participative, more self-representative democracy. It is too bad that they will have to mature so quickly if they are to reach adulthood. While they are still critical Internet access points, still the bridge between the vast diversity of the Internet and the more homogeneous organic community, they must take that opportunity to learn how to celebrate the vast diversity that is also the local community. The local community is where people live their social and political lives and that is where differences must be publicly worked through. This is most important where the differences are the most acute and where the latitudes of tolerance are the narrowest. Community networks must be up to letting everyone speak, as painful as this will be for some, some of the time. Children, and others unequipped to make safe judgments when encountering the most extreme clashes of values, opinions and advocacy, must be protected from these conflicts, but the community network cannot be their guardian. The family, the school, the place of worship and other societal structures are their guardians. Finally, and most importantly, the part-time, short-term stewards of the community networks, usually called the 'board', must understand that the public terrain is not their institution, and not their moral preserve. The construction of Public Sphere, Inc. is a betrayal of the promise community networks have for becoming a public terrain. As community networks develop and mature, they are becoming more exclusionary, more restrictive, more like any other organization. They begin to see themselves as providing something for the community, rather than as caretakers of a space created by the community. This needs to be reversed. A commitment to defending and expanding this public ground will determine whether community networks will survive more than a few more year and, what is more, whether their survival will be a matter of importance. Endnotes (1) Popper made the statement at a public lecture at Michigan State University in the mid-sixties. Ironically, he was arguing that the then popular social science translations of the electrical engineering 'information theory' model were misguided attempts to understand social communication by what he termed 'bucket theories', where the transactions are comprehended only as buckets of content, devoid of any human consideration. (2) Written testimony to United States House of Representatives, Committee on Science, Space and Technology, March 23, 1993. When asked what he thought about the reliability of Cerf's estimate of 100 million Internet users by 1998, Gerry Miller, Chairman of CA*net, the non-profit company that manages and operates the Canadian Internet backbone network, responded wryly "Try 100 million hosts." While Miller might not have meant that literally, it was clear that he felt Cerf's earlier estimate to now be a significant underestimate of expected Internet growth. Private conversation, Ottawa, November, 1994. (3) PC Magazine, "Bill Gates Ponders the Internet" by Michael Miller, October 11, Volume 13, Number 17, 1994 p79. (4) An explication of framing human communication as the inevitable interplay of content and relational components of symbolic transaction was provided by Paul Watzlawick, Janet Beavin and Don Jackson in PRAGMATICS OF HUMAN COMMUNICATION. This 1967 monograph has attracted little attention from media scholars and other social theorists, probably because the unidirectional producer/consumer relationship between the mass media and their audiences is fixed, thereby eliminating or greatly inhibiting the metacommunication interplay. (5) Bruce Sterling, "Afterwards: The Hacker Crackdown Three Years Later", January 1, 1994. Found on the WELLgopher URL: gopher://gopher.well.sf.ca.us:70/11/Publications/authors/ Sterling (6) For example, undergraduate students in most programs at most Canadian universities could not get computer accounts in 1991. Also, many of the first cohort of National Capital FreeNet subscribers were federal civil servants from departments and ministries where Internet access was available, but only to a selected few. (7) CANARIE Associates, "CANARIE Business Plan" and "CANARIE Marketing Plan", July 15, 1992. (8) The National Capital FreeNet was inspired by the Cleveland Free-Net, founded in 1986 by Tom Grundner at Case Western Reserve University. "Free-Net" is a registered servicemark of the National Public Telecomputing Network. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% INFORMATION SUPERHIGHWAY: REALITY By Reid Goldsborough (reidgold@netaxs.com) Here's some information on the information superhighway you may find interesting. These are excerpts from the first chapter of a new book I've written, published by Macmillan Publishing/Alpha Books and titled "Straight Talk About the Information Superhighway." The book discusses in detail how this national network will affect all aspects of our lives, from interpersonal relationships to jobs, from health care and education to entertainment and shopping. In the book I try to present both plusses and minuses, honestly and without either hype or cynacism. In addition to covering the likely near- and medium- term future, the book also discusses the current state of Internet culture. *** "Information superhighway" is really just a shorthand term for many different networks that will be used for the delivery of information, communications, and entertainment. Once the kinks get worked out, it's expected -- or at least hoped -- that most of these networks will connect with one another, leading to a seamless national, or international, communications matrix. -- When the movers and shakers talk of the information superhighway, most of them think in terms of one of two visions. The first is of a cerebral highway, where information and communications are the key commodities transferred. The second is of an entertainment highway -- sometimes disparagingly referred to as a "couch potato highway" -- where movies, TV shows, interactive games, and home shopping offerings are the more prevalent content. Those who see the information superhighway as an extension of the Internet see additional types of information being made available to personal computer users -- voice, music, and full-motion video. Those who favor the entertainment-based vision see the information superhighway as an extension of cable TV. Only instead of waiting for movies or programs to come on, you'd be able to watch just about anything you wanted anytime you wished. The entertainment vision is favored by those who would profit from it -- cable TV companies and telephone companies, both of whom will be building the broadband pipelines and delivering the multimedia content into homes over the coming years. The information vision, on the other hand, is favored by the computer industry and particularly by the online community, which views the cable TV and telephone companies as threats to the low-cost sharing of information that exists today. -- Not everybody is enamored with the idea of the information superhighway. The information superhighway, say critics, is a bad metaphor for a boondoggle that big business wants to build with your tax dollars. If it's ever finished, you'll pay big bucks for ten times more channels to watch reruns of The Lucy Show. If it ever is finished. Critics contend the technology won't be ready for prime time for years to come. -- The uncertainty surrounding an undertaking as large as the information superhighway in many ways *is* frightening. "I guess the scariest part is that you don't know where it's going to lead," says John C. Malone, president and CEO of Tele-Communications Inc., the country's largest cable TV company and a major information superhighway player. "This is a technological and business structure revolution. Nobody can sit here today and predict where it's going and what its impact is going to be on any particular industry, any particular company, or any particular individual." Fortunately, fear of change isn't stopping our forward momentum. As you'll see in the following pages, people are using communications technology today -- and planning to use enhanced services tomorrow -- in a host of fascinating ways. The changes happening now truly represent a revolution, a revolution that will transform jobs, education, relationships, entertainment, shopping, health care, and politics, a revolution in which you can play a part. *** If you'd like to read more, the following will help you decide if it's worth it to you to buy the book. Please note that I mention specifics, including price, so if you object to commercialism of any sort, don't read the rest of this message. In writing the book, I interviewed key industry leaders such as Bell Atlantic Chair and CEO Ray Smith and former Apple Chair and CEO John Sculley; top government officials such as FCC Chair Reed Hundt; industry and government watchdogs such as Ralph Nader; social commentators such as Dr. Joyce Brothers (on relationships and sex on the Internet today and information superhighway tomorrow); and people like you using today's online services. I also relied on demonstrations of emerging information superhighway technology; important government white papers; key speeches and Congressional testimony by politicians, company CEOs, and community leaders; and my own explorations of today's online and multimedia worlds. "Straight Talk About the Information Superhighway" covers topics relevant to online users, including: * The top sources of online information and entertainment today * Online shopping, advertising, and the commercialization of cyberspace * Online job searching * First-hand accounts of love in cyberspace and tips on how to find it * Computer-enhanced sex * The spiritual underpinnings of cyberspace * The psychology of flamewars * Computer nerd jokes * Computer addiction * How interactive TV will differ from today's passive offerings * The combination PC/TVs of tomorrow * The telephone/cable wars * Privacy, access, and freedom of speech * Avoiding infoglut with intelligent agents * The future of multimedia and virtual reality * Distance education * Telemedicine * Personalized news * Direct democracy * Grass-roots organizing over the Internet * New trends in telecommuting "Straight Talk About the Information Superhighway" by Reid Goldsborough is published by Macmillan Publishing/Alpha Books (ISBN: 1-56761-513-9). You should be able to find a copy in your local bookstore. If not, you can ask them to order a copy or you can order the book directly from Macmillan Publishing by phoning (800) 428-5331. The cost is $19.99. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% INTERNET TOOLS SUMMARY By John Arthur December (decemj@jec310.its.rpi.edu) Hello, I've updated my list summarizing Internet tools for Network Information Retrieval (NIR) and Computer-Mediated Communication (CMC). This list gives definitions and references to documentation and demonstrations of these tools. The list is available in several formats: text, 80-column text, compressed postscript, html, tex, or dvi. These files are available via anonymous ftp: Anonymous ftp host: ftp.rpi.edu Directory: pub/communications/ Files: internet-tools {.txt .ps.Z .dvi .html} See file: internet-tools.readme for more information. For Web access, see the "segmented" hypertext version at: http://www.rpi.edu/Internet/Guides/decemj/internet-tools.html FILES ===== Basically, o internet-tools.ps looks best for reading on paper. o internet-tools.txt is good if you want the 80-column constraint. o internet-tools is great for manipulating with Unix scripts. o internet-tools.html is useful in a WWW browser; Connect to URL: http://www.rpi.edu/Internet/Guides/decemj/internet-tools.html CONTENTS: ========= * Section -0- HOW TO USE THIS DOCUMENT * Section -1- ABOUT THIS INFORMATION o Notes o Formats * Section -2- NIR = NETWORK INFORMATION RETRIEVAL o Utilities - Finger - Netfind - Nslookup - Ping - Shepherd - TIA = The Internet Adapter (tm) - WHOIS - X.500 o Tools - Alibi = Adaptive Location of Internetworked Bases of Information - Archie - Astra - Bitftp - Essence - FSP = File Service Protocol - FTP = File Transfer Protocol - Jughead - Knowbot - Maltshop - Netserv - Soft-Pages - Spiders - Telnet - Trickle - Veronica o Systems - Alex - GN - Gopher - Prospero - WAIS = Wide Area Information Server - WWW = World Wide Web o Interfaces - Lists - Biomix - Chimera - Cello - Compass - Emacs-WWW-browser - Fred - GINA - Hyper-G - Hytelnet - Internet-in-a-box - Minuet - Mosaic - Lynx - Netscape - Samba - SlipKnot - Viola - Willow * Section -3- CMC = COMPUTER-MEDIATED COMMUNICATION o Interpersonal - Email - Talk - ZTalk o Group - Collage - CU-SeeMe - Haven - Lily - Listproc - LISTSERV - Majordomo - Maven - MU* = Multiple-User Dialogue/Domain/Dungeon - Procmail - WIT = Web Interactive Talk - WW = Web World - Yarn o Mass - ICB = Internet Citizen's Band - IW = Interactive Webbing - IRC = Internet Relay Chat - ITR = Internet Talk Radio - Mbone - Usenet o Interfaces - exMOO - htMUD * Section -4- STANDARDS o Collections o Internet o Other * Section -5- REFERENCES * Section -6- DESCRIPTION OF ITEMS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% LEGION OF DOOM T-SHIRTS!! Get 'em By Chris Goggans After a complete sellout at HoHo Con 1993 in Austin, TX this past December, the official Legion of Doom t-shirts are available once again. Join the net luminaries world-wide in owning one of these amazing shirts. Impress members of the opposite sex, increase your IQ, annoy system administrators, get raided by the government and lose your wardrobe! Can a t-shirt really do all this? Of course it can! "THE HACKER WAR -- LOD vs MOD" This t-shirt chronicles the infamous "Hacker War" between rival groups The Legion of Doom and The Masters of Destruction. The front of the shirt displays a flight map of the various battle-sites hit by MOD and tracked by LOD. The back of the shirt has a detailed timeline of the key dates in the conflict, and a rather ironic quote from an MOD member. (For a limited time, the original is back!) "LEGION OF DOOM -- INTERNET WORLD TOUR" The front of this classic shirt displays "Legion of Doom Internet World Tour" as well as a sword and telephone intersecting the planet earth, skull-and-crossbones style. The back displays the words "Hacking for Jesus" as well as a substantial list of "tour-stops" (internet sites) and a quote from Aleister Crowley. All t-shirts are sized XL, and are 100% cotton. Cost is $15.00 (US) per shirt. International orders add $5.00 per shirt for postage. Send checks or money orders. Please, no credit cards, even if it's really your card. Name: __________________________________________________ Address: __________________________________________________ City, State, Zip: __________________________________________ I want ____ "Hacker War" shirt(s) I want ____ "Internet World Tour" shirt(s) Enclosed is $______ for the total cost. Mail to: Chris Goggans 603 W. 13th #1A-278 Austin, TX 78701 These T-shirts are sold only as a novelty items, and are in no way attempting to glorify computer crime. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%----------------- INTERVIEW WITH ERIK BLOODAXE By Netta Gilboa Interview with Erik Bloodaxe (GRAY AREAS REPRINT) The following are portions of an interview with "Erik Bloodaxe" by Netta Gilboa of Gray Areas Magazine. Gray Areas is an eclectic arts and culture magazine that focuses on the fringes of society. It's one of the best sources for information on rock and alternative music, controversial social issues, computer culture, and other topics that aren't covered elsewhere. It's a steal $18 for four issues, or $50 for three years. For information, write: Gray Areas PO Box 808 Broomall, PA 19008-0808 Or, e-mail them at grayarea@well.sf.ca.us For those new to computer culture, "erik bloodaxe" was a member of the original "Legion of Doom," a modest media celebrity, and more recently, the editor of Phrack)). ((Excerpts from interview with Chris Goggans at Pumpcon, 1993. From: GRAY AREAS, Fall, 1994 (Vol 3, #2): pp 27-50)) By Netta Gilboa Netta Gilboa: What is Phrack magazine? Chris Goggans: Phrack is the longest running underground publication. I don't really know how to describe Phrack. Phrack just sort of is. Phrack is an electronic magazine that deals with topics of interest to the computer underground; different types of operating systems, weaknesses in system architectures; telephony; anything of any relevance to the community in which it was intended for, that being the computer underground. It has always tried to paint a picture of the social aspects of the computer underground rather than focus entirely on technical issues. So in that way it adds a lot of color to what's going on. GA: How did you get involved with publishing Phrack? CG: Well, I got involved when the person who was editing it at the time, Dispater, got into a motorcycle accident and as a result of this, had a lot of other financial hardships, so he wasn't going to be able to do it any longer. Its original editors, Craig Neidorf (Knight Lightning) and Taran King, had no interest in doing it themselves any longer for, at least in Craig's case, obvious personal reasons, and there really was no one else who could take it over. I was of the mind set that Phrack had been around so long that it had almost become something of an institution. I, being so ridiculously nostalgic and sentimental, didn't want to see it just stop, even though a lot of people always complain about the content and say, "Oh, Phrack is lame and this issue didn't have enough info, or Phrack was great this month, but it really sucked last month." You know, that type of thing. Even though some people didn't always agree with it and some people had different viewpoints on it, I really thought someone needed to continue it and so I kind of volunteered for it. And there was a little bit of discussion amongst some people. First Craig was really hesitant to say, "Yeah, well maybe you should take it over." A lot of this was being held up by Taran King who said, "Well, we just don't want your politics getting involved." Because, apparently, I have some hidden political agenda that differed with what they thought the role of Phrack should play. Eventually they decided that there is really no one else who could do a job well enough to continue it in the spirit in which it had been formed and I started with issue 42. And I think that one went over very well. That issue was pretty hilarious because it had a lot of stuff about packet switching networks, and it was a big slap in the face to B.T. Tymnet. I had a whole lot of fun with that issue. Since then, it's gone over really well, at least from everyone I've talked to. Of course there' have always been a few dissenters that say, Oh, Phrack sucks, but these are the same people who won't tell you why. They're just saying it to try to get a rise out of me or something, but everybody seems to appreciate the time and effort that goes into putting this out and especially since I'm getting nothing out of it. There's kind of a funny side to that. After I took it over, I went ahead and I registered it with the Library of Congress and I filed a DBA as Phrack magazine and for the first issue I put out a license agreement, sort of, at the beginning saying that any corporate, government or law enforcement use or possession of this magazine without prior registration with me was a violation of the Copyright Law, blah, blah, blah, this and that and Phrack was free to qualified subscribers; however, in order to qualify as a qualified subscriber, one must be an amateur computer hobbyist with no ties to such a thing. And this really went over like a ton of bricks with some people. A lot of corporate people immediately sent back, "Please remove my name from the list." I had a few other people say, well, "We're going to pay, but don't tell anybody we're going to pay." Of course, they never did. There was only one person who actually did pay, so, you know, I used that as wonderful ammunition for the next issue saying that all of them are lying, cheating scums and they have no respect for our information so why should they think it odd that we have any respect for theirs. GA: And you actually named a few people. CG: Yeah, I named several people who were not only getting the magazine but in one case, they were spreading it around and, of course, none of them even contacted me for registration. It was all, I had a riot with it. It was a lot of fun. And, I'm still going to include that in every issue because I still expect them, if they're going to be reading my magazine, to please have some shred of decency and pay the registration fee, since it's a lot less than any other trade publication that they'd be buying regardless, and certainly a lot more voluminous and contains a lot more information than they're going to find in any other magazine dealing with computer security. GA: Is the agenda for that decision to get publicity, to have grounds to sue people who you don't like, or to gain financially? CG: Well, I never expected to gain anything financially. You know, a lot of the people who are still in the so-called "underground" are also working in various fields which might put them in conflict with the registration agreements, and we're very liberal about that. I mean, if someone just because they're working at, let's say... GA: Gray Areas, Inc. CG: Yeah, Gray Areas, Inc. or the people who might be independent, like LAN consultants, you know, just 'cause someone's working in the field, I'm real flexible about that. Then if someone sends me mail, and I get a lot like that, which says, "Well, I'm assistant administrator here at the university and there's no way they'll pay for it." I'm like, "Don't worry about it." You know, "We'll make an exemption in your case." But it's the people, the Gene Stafford's of the world, the Ed DeHart's of the world. Those are the people who have always pointed the finger at the people who this information is intended for and called them bad. They're the ones who don t register their subscriptions and the people of their mind set and the people of their ilk, I guess. As far as publicity, it didn't gain any publicity. It wasn't any kind of stunt. My biggest concern in doing this was to try to protect this information and I didn't want to see it being resold. With the prior Phracks up 'til 41, there are companies out there, for example Onion Press who sells hard copies of Phrack, and I don't want anything that I'm putting time and effort into being resold. I don't want it in the CD-ROMs. There's are several CD-ROMs out right now with a bunch of text files from the computer underground. So, I wanted to copyright this information, put it out. It's a magazine, I'm doing it, it's my magazine. The DBA is in my name, I hold the copyright and no one's going to resell this. If it's going to be presented in some other format, I want to be able to control that. And, it's not necessarily a kind of power play. It's just I want to protect it. I mean, I don't think you'd appreciate people all of a sudden saying, "Now I'm going to put up the electronic version of Gray Areas." ======================= GA: Many years ago, Phrack had a problem with a telephone company regarding a document that they printed, and a lot of people have said that if it was a paper publication as opposed to an electronic publication, that might never have happened. CG: Yeah, well, I mean, that's obvious. You look at magazines like 2600 and just because they're black letters on a white page instead of white letters on a black screen, they get away with a lot of stuff. They get threatening letters from Bell Cores. They like to publish them in their magazine, but they haven't been taken to task for any of that. You don't see them in any sort of court for this and the mere fact that the very document that they are saying was so proprietary was available for $19.95 from the Bell Core order line. That sort of stands to prove that they were just looking for a scapegoat, a figurehead in the underground community to use as an example for the rest of the people to say, "Well, we'll take down Phrack. That'll show them. That'll scare them." It's the same kind of thing that they tried to do with The Legion of Doom. They said, "Well, we took down the Legion of Doom." I heard it from one person, you know, you cut off the head, the body will die. It's like, AT&T or somebody had somebody map out the computer underground, they had Phrack magazine in the middle of a hub and the Legion of Doom above that; arrows going and pointing out how the computer underground networks together, and obviously, these people think there's a little more structure to it than there is. They don't realize that it's complete anarchy. I mean, no one's controlling anybody else's actions. To set out one example and hope that everybody else is going to learn from that one example is ludicrous. GA: What sort of problems do you encounter publishing it? CG: It takes up a lot of my time, my spare time, which is growing incredibly smaller and, I mean, I've overextended myself on a number of projects and since I've definitely got a commitment to Phrack, it's one that I can certainly shirk if I decided to since I'm not indebted to anybody to do it really. I'm not going to pass it up because I really want to make sure it continues to be published. That's the biggest problem I face, time. Then there are people who say, "Oh, I'm going to send you a file on this," and they don't. You know, thanks a lot. And I always rag on those people. In fact, in the beginning of Phrack 44, I said, "Yeah, and for the people who said they're going to send me a file and didn't, you know who you are, and you always have to live with your own guilt." I mean, it's typical hacker stuff. "I'm going to do this." And they start it and they forget about it. GA: It's funny though because I've had incredible cooperation from those people; more than I've had from any other community that we deal with. Do you think it's because I'm a girl or because it's on paper? CG: Well, it might be a little of both. The kind of files that go in Phrack, I don't think Gray Areas is going to publish. You know, how to use the Role 9000 CBX, or here's how to hack system 75's, or secret sectors and units, or publish C programs. You get a different type of thing. Maybe there are people who feel a lot more comfortable writing cultural type pieces or special interest pieces than they would writing technical stuff. And to try to compensate for that. I've put in a lot more stuff in the issues that I've been dealing with, to deal with the culture. Like I started something last issue trying to get people from different countries to write about what it's like in that country. And I had a file in from Ireland; I had a file in from Germany; I had a file in from Canada. This issue I've got another one from a different part of Canada and I've got one from Sweden and I'm waiting on a couple of others. Because, as the computer underground goes, it's, people like to have this idea that it's this closely knit thing of all these hackers working together, and see how they're trading information. But it's not. I don't know anything that's going on in other countries except for what the few, select people from those countries who hang out in the same areas that I do tell me. But there's so many people and so many countries doing things. They've got their own little pirate wares, trading scenes, they've got their own little virus scenes, they've got their freaking things. Stuff that works on their own system, only works in their country; and they have their own secret ways of doing things, and their own networks that they like to hack, and they all hang out on certain deals and they have their own little lore about the busts, or super hackers from their country, and that's the kind of stuff that's just great to find out. Because, otherwise, you would never know. And it's really, really interesting to read what these people are up to and no one names names. They're just talking about what it's like to be a hacker in their country, and that's the kind of cool stuff that I want to continue to do. ======================= GA: I suppose we should get into your background and how you became qualified to run Phrack. CG: I don't know if it's a qualification to run Phrack... GA: Well, obviously, there are an awful lot of people who could have been considered but weren't. CG: Yeah, well, I guess so. GA: What sort of stages did you go through? From the time that you first discovered computers and so on until today? CG: I kind of went through an exponential learning curve from the very beginning and it plateaued out for a while and it's just been a steady growth since then. At least I tried to maintain that because there's so many new developments that come out and I try to stay abreast of everything that's going on. I started messing around with computers a very long time ago. For any number of reasons, I always have problems trying to place the exact date. GA: What sort of computers were there? That dates it a little. CG: Well, the very first computer I did anything on with a modem was an Apple II, and a micro modem II. It was a friend of mine's dad's. He was a lawyer. He got it so he could get on Dialogue, because it was like the brand new service for lawyers. They could go on and look up legal briefs and it was all exciting. So, this friend of mine was showing it off, I guess maybe 5th grade, 6th grade, somewhere around there? A long time ago. And, in order to get on Dialogue, you had to dial this special number. Well, we got on, followed the instructions, got on Dialogue, looked at it, said, "This is really cool." And we noticed that, "Well, gee, in order to get on Dialogue, you have to dial this number" which was 415 something. Well, what happens if you type in a different number? So we typed a different number somewhere else. And, that was sort of it. We spent the vast majority of that night trying different addresses on Telenet and actually got into a system. And, this was the first time I had ever been on a modem and, I mean, it was just natural. We were like, wow! We didn't have any concept of what a network was, we couldn't imagine what this meant. The concept of being able to call one little number and connect to computers around the entire country was so mind boggling, so strange to us that we were sucked into it. As a little bit of background to this, I had already been messing around with telephones before this and this is a ridiculous story that a lot of people give me a lot of s--- about but, I mean, I don't really care. A friend of mine and I had stolen a dirty magazine from a convenience store and rifling through it, it was like a High Society or something like that. GA: Probably not. There were no such things then. They didn't start until 1975-76. CG: Well, this is back in 1980. I'm not that old. I turned 25 in May, so it wasn't that long ago I guess in the grand scheme of things. But, to me it was a hell of a long time ago. So anyway, we had stolen a High Society from them and in it, it said, "Call this number right now." It was 212-976-2626 or 212-976-2727, a brand new service. I said, "We got to call that number. We can't call that number, that's a long distance number, we'll get in trouble." It was like, "No, we gotta call that." So, we went back over to his house, and his Mom works. She was working, it's funny, she was actually working at Datapoint. She was at work, it was the summer, so we got there and dialed it up, listened to if for, like you know, some phone sex recording. Wow! You're a little punk kid, of course, that's just great to hear some crazy recording like that. We hung up after it was over and were like, "Man, that's great. We're going to have to call that other one. No we can't call the other one. He says, "Well, actually maybe we can, but if we're going to call it, we need to use this thing that my Mom's got." What thing? He said, "Well, it's this thing that's supposed to make her phone bill cheaper." And, it was a company that started up way back then called LDS. It was a Watts re-seller and they had a local dial-up number, you call up and you gave the operator who answered the phone a code, you read it out to her and she connected the call. I think at that time it was a four or five digit code. So we called up, gave it to her, gave her the number, the call went through. So, next time you call her back, give her someone else's number. Goes, "nah." So we called up, added ten to the number we had and placed the call. It was like, "Well, that's really cool." And it's funny that I've done that prior to doing anything on the computer because shortly thereafter, after being on the computer and discovering networks and after that, discovering bulletin boards, it became readily apparent to me how the marriage of the two was inevitable because there was no way in hell I'd be able to call a bulletin board any place other than down the street and not get beat to death by my parents for raking up very large phone bills. And after that, it kind of just shot up exponentially like I said before. From such humble beginnings. ======================= CG: Which connected, at the time, I think now they have limits as to how many people. At the time, it was basically unlimited. You could take as many people as you wanted on your conference. And they had a lot of different features that they don't have now. Like, you could transfer control. And we used to do all sorts of ridiculous stuff. One of my favorite tricks was to call up Directory Assistance and, at the time, I don't think they do this any more, I haven't really bothered to check in about five years, but at the time, Western Digital who made all the automatic call distribution systems for Directory Assistance since they were still the Bell system; they had a feature in there that would send it into a test mode. If you called up and just as the ACD system kicked in, it started to cue a call for the next available operator if you held down a D tone. A lot of your readers might not know this, but on a standard touch tone phone, there are really four rows and four columns and not three rows and four columns. There's an extra column that's left out and that's A, B, C, and D. Well, I had a phone that had A, B, C, and D on it. There's a number of different ways to build a tone generator, they'll do that and a lot of modems will make those tones or what have you. But, anyway, there was a trick at one time by holding down the D tone, if you called Directory Assistance, it'd throw the ACD into its maintenance mode. And, one of the features on this was to do a test of a circuit by establishing basically a loop so, if someone would call, hold down a D, get thrown into the maintenance mode, get the 5 key, they'd get onto one side of the mode. Someone else could call back in, hold down the D key, hit 6, get on the other side of loop, and then you could talk. Well, I used to call Directory Assistance from the conference, hold down the D key, hit 5, add that into the conference, the loop, transfer control to Directory Assistance and then call back in on the other side of the loop and then take control of the conference that way. So, if any of the test people who were working on the software for Alliance and working on getting the bugs worked out of everything, if any of the engineers would go back to look and see why these circuits were active and they'd look to see who was running control of this conference, they'd see it was Directory Assistance and it really used to confuse the hell out of them. We got a great deal of mileage out of that because, you know, I don't really think they knew how, but somehow it kept going. But anyway, on these conferences, I got hooked up with a group of really, really, really, really smart people and by sitting and talking with these people, and learning what they knew, because like I said before, everyone was really open and everybody wanted everybody to learn. If more people were working on a project, everybody had a better chance of learning and succeeding then if just one person decided to hoard it all to themselves. >From being on these conferences and talking about to all of these people and sharing information with all of these people, I was eventually asked to join a group that was being formed at that time and it ended up being called The Legion of Doom. GA: How did it get called Legion of Doom? Who named it? CG: I don't know. The person whose idea it was to start the group, his handle was Lex Luther and from the DC Comics, Lex Luther's infamous group of anti-heroes was The Legion of Doom, so it was pretty a natural choice. A lot of stuff has been attributed to it lately, such as it being a sinister type name. Well, Lex Luther couldn't possibly have called his group anything other than the Legion of Doom. Anybody who has every read a Super Friends comic knows that's exactly what it was called. As The Legion of Doom continued on in its growth and its endless quest of knowledge about different operating systems and networking technologies and phone systems and everything else, the reps of everybody involved in the group sort of kind of sky rocketed because everybody by us all working together, we had a better resource of knowledge to provide the people and by continuing to do so, everybody, I guess, built up a sort of respect for the group and some of it has even lasted to today, even though the group is no longer around. A lot of things that it affected still linger on in the community. GA: There's been a lot of debate about who was in that group. Seems like everybody in the world wanted to be. Ha, ha. So many of the hackers I meet say they were. CG: There are always going to be people who want to run around and say, "Yeah, I was in the Legion of Doom." And I know everybody who was in it. I've got a list of everybody who was in it and written about everybody who was in it. We all know who was in it, so it really does not make any difference. If some joker off the street is going to come up and say, "I was in The Legion of Doom," who really cares, you know, what's it going to get him today? It doesn't mean anything, because the group is not around anymore. Um, if they know something, well, their knowledge alone should speak for itself and should not have to relay on the name of some group that does not exist to try to perpetrate some sort of false image to other people, so it really doesn't happen that often. We see people like Ian Murphy, for instance. I've still got newspaper articles with him in it saying that he was in Legion of Doom, and in fact, he has told some people, and some business acquaintances of mine, I guess in some desperate attempt to generate revenue, that not only was he in Legion of Doom, but he founded it, ha, ha, so, that's nice and he can continue to delude himself in a lot of things. If anybody wants to live in delusion, well that's their right, I suppose. It doesn't mean anything to me. GA: Isn't there a new Legion of Doom now? CG: Well, I really don't want to get into that too much. There was a young Canadian fellow who decided that it might be a good idea to start the new Legion of Doom and within like say an hour after that got posted to the Net, we were on the phone with him, telling him what a bad idea that was. It was myself and Scott Chasin who called him up first and he said, "Well, I think The Legion of Doom was a real important thing for the community and I just want to see it continue" and this and that. I said, "Who are you to come out of nowhere and think that not only do you have enough knowledge to say that you could have been associated with The Legion of Doom, much less to usurp the name? The name is dead, we put the group to rest and we want it to stay that way. He said, Well I'm not going to change it and as soon as you see the type of journal I put out, you will be really impressed." I said, "If your magazine is good, it will stand on its own merit and you don't need our name." He said, "Well you retired the name and that means it's fair game for anybody else." Okay, well so there is no talking to this guy, so I said, "Well I want to tell you this Cameron, Scott and I are the first to call you, there will be many others. We are the nicest. It's not going to be pretty for you and I just want you to know that." And let's just say there is no more New Legion of Doom. It was kind of an interesting experience for everybody because it did get a lot of the members back in contact with one another. A lot of us had gone our separate ways. The members grew older. The group was founded in '84 and here it is almost '94, I mean that's a long time for, you know, a bunch of people to stay in contact, regardless of whether or not it was for some silly little computer group to form a net. So it was nice to catch back up with a lot of people. It's really refreshing to see that damn near everybody who was ever involved in the group is doing very well for themselves in their chosen careers or professions, or graduating with high graduate degrees, Ph.D.s, Master Degrees, and things; it's certainly not what one would expect from the world's most infamous hacker group, but that certainly is what happened. But, you know, the whole Cameron Smith New Legion of Doom thing, it didn't accomplish anything for him, but it certainly did accomplish something for us. It got a bunch of us back together again. I don't want to sound grateful to him for it, but it worked out pretty well. GA: How did The Legion of Doom originally break up? CG: Well, The Legion of Doom kind of went through three different waves. You can kind of chart the history of the computer underground, it sort of runs parallel to the history of The Legion of Doom, because you can see as the new members came in, that's when all the busts happened. People would either get nervous about the busts and move on and go to college and try to get a life, or they would be involved in some of the bust and some of them would leave that way. So it kind of went through three different membership reorganizations. You can tell who came in where because of what was going on. It finally kind of folded. I had talked to a bunch of members somewhat recently, within the past three or four years and I said, "Well maybe we ought to try to do something, we need to get some more members in and try to work towards a different end." At the time, there was still the infant of an idea about going into consulting by building together this last insurgence of Legion of Doom. I talked to several people and wanted to try to track down newer people, so I talked to the members who were still active and asked are you still interested in doing this again, because we've got some other things that we want to try to focus on and as stuff starts to progress, something might come out of it. I'm doing something with some other people, and we got people who are experts in different types of fields, and we were talking to people who are experts in mainframes, in telephony, in Unix, and all sorts of different stuff and as that started to progress, we got a bunch of people in the last new membership drive for the group, did a few things, and as that started to go on, most of my main focus started dealing in with a few people from the last insurgence about trying to form this consulting company, which ended up being Comsec. We finally decided that's what we were going to do and we were serious about it, we said okay well then maybe we should just dissolve the group, because if we are going to have Comsec, we don't need Legion of Doom, 'cause this is what we want to do. Instead of spreading the knowledge around the net in the form of text files free, we were going to spread the knowledge around the corporate world for money. It really was a logical progression to us, because, you are not going to be 35 years old and still trying to break into the systems somewhere; the thrill doesn't last that long and if it does, well, you need to get a life or a pet or something. There is no reason why someone who even has an inkling of maturity, not to say that I do in the least, should be wasting away their life gathering up how many university systems they broke into. So after we finally made the formal decision, we talked to some people and said well, we were just going to say goodbye to the group. Everybody who was still active or interested from the group was like look, you know, when this thing takes off, we want all of you to be there. When we need more consultants, you're the best, and everyone was all up for it. That's what happened. GA: Let's stick with The Legion of Doom for awhile. What was the relationship between The Legion of Doom Technical Journals and Phrack and Phun? CG: Well, it's kind of funny. Originally, I think this was something that Craig and Lex had done. Originally, there was going to be a Phrack issue that was going to be the Legion of Doom Phrack Issue. It was going to be Phrackful, nothing would follow us but Legion of Doom members and it went on and on and on. I guess Lex had collected enough files, he was like, "I don't want to give these to Phrack." So, he stuck them together in the Legion of Doom Technical Journals, since it was all Legion of Doom stuff anyway, might as well go ahead and put it out ourselves. And I don't know if that was something personal against Craig, I really doubt it because Craig and Lex have always been friendly enough. I just think that is something he decided to do. From that there were three others published, so there was a total of four Tech Journals. They didn't come out in any sort of organized order, they just sort of came out when they wanted to come out. It was like they were done when they were done and they appeared when we were finished and that's why there were only four for a group that was around for so long, but they were fairly timely when they were all released and I guess everybody really appreciated the kind of knowledge that was in them when they came out. Looking back, I don't know how much interest someone is going to get on how to hack Tops 20. I d like to find the Tops 20 right now. It doesn't exist. So the knowledge that was in those things is fairly dated, but at the time, it was very timely and people appreciated it. ======================= GA: You were busted in 1990, right? CG: Nope. GA: How did that go down? CG: On March 1 1990, I was raided by the Secret Service, but I wasn't busted. There is a big distinction there. Just because they came in my house and dug through my stuff, that doesn't mean anything happened. Let me give a little preface to that. Several months prior, I received notification from the University of Texas that my school records (specifically mentioning my computer accounts) were being subpoenaed by a federal district court judge in Chicago. I knew very well that was the district that William Cook was in, so I trotted on down to the Dean's office at the University of Texas and said, "Hi, I understand my records have been subpoenaed. I need a copy of that for my lawyer." So they ran me off a copy of it and sure enough there's William Cook's name. So, okay, I was right, and I went home and vacuumed the house and cleaned everything up nice and neat for them, started placing little notes in various places. I had little notes that said, "Nope, nothing in here," put that in a drawer and a little note that said, "Wrong, try again," put that in there and little things everyplace that someone might look to try to find the secret hacker notes. I printed out a copy of the 911 document, nice laser printed copy, laid that out and fan folded it over my desk. I went down to the Federal Building, picked up brochures on how to became an FBI agent and a Secret Service Agent, set those out on my desk. I got a printout of several different things, laid those out all nice and neat, had some Phrack issues, I had some messages off of the Phoenix Project, I had all this stuff laid out. It looked like a little alter, a shrine to the FBI. Well, sure enough a couple months later, there they were. And I also put some notes on my computer account at UT. I made some really large files, like cordons and named them dot master, dot password, dot zip, just stupid names, you know that tack ID's, and left these sitting in my account. All this noise. And then I made this one that said, "Secret Info." If anybody would have bothered to read that, it was like a 10K file of me saying, "Anybody who would take the time to search through my files and try to find illegal information is a complete scumbag." Sure enough when they came to visit my house that morning, I woke up to the sound of people running up my stairs and their screaming, "Federal Agents - warrant," then they came in my room, "Out of the bed." Leading the pack is Special Agent Tim Foley, and he's got his service revolver out, and he's got it pointed at me. He's a pretty big guy and I'm me. I don't present a menacing figure to most and especially at 6 in the morning in boxer shorts, ha, ha. It just looked like I'm going to jump right out and start ripping peoples' heads off, so he quickly put his gun away. Nonetheless, he did have it drawn. I like to point that out. Hackers are a notoriously violent group of people who are known for their physical prowess, so guns are definitely always necessary. (said sarcastically) So, they ordered me downstairs and held me in the kitchen. I immediately said, "Let me call my lawyer," and they said, "You'll get your chance." So, they started going through all my stuff. I heard them up in my room, rifling all though my drawers and about an hour or so later, one comes down and hands over one of the Secret Service Brochures that I had. He says, "So, thinking about joining up?" I said, "Well, I think I could probably do better than some people." He didn't like that remark. He said, "Well, I think our requirements are a little more stringent than to let in the likes of you." I said, "Well, it shows." He didn't like that very much either. I said, "So, what's your degree in?" He said, "Well, I'm not going to tell you." I said "I'm just making conversation." So they continued on in the search of my house and when they found absolutely nothing having anything to do with computers, they started digging through other stuff. The found a bag of cable and wire and they decided they better take that, because I might be able to hook up my stereo, so they took that. I have an arcade size PacMan machine, which of course, one of the agents decided was stolen, because a lot of people slip those into their backpacks on the way home from school. So they started calling up all the arcade vendors around town trying to see if this had indeed been stolen. The thought of me wheeling an arcade size PacMan machine down the street, just didn't occur to them. So, finally, I said "Look, I bought it, here's the guy, call him." So they finally gave that up, so then they started harassing me about some street signs I had in my house. I had a Stop sign. I had a No Dumping sign over the toilet. "You need to get rid of those, it's state property, if we come back here and you have those, we are taking you downtown." I go like, "Okay." So then they started looking for drugs, and one guy is digging through a big box of, like a jumbo family size deal of Tide we bought at Sam's, it was about three feet tall and it was one of the monster size things. This guy is just digging through it, just scooping it out, his hands are all turning blue and sudsy from digging through this detergent and Foley walks over to him and says, "Well, I think we can safely assume that that's laundry detergent." So, Foley comes back in to where I'm sitting in the kitchen and I've been freezing my ass off, so they had let me get a jacket, and put on some jeans, and he says to me, "Well, I want to show you something." He whips out some business cards that I had printed up for SummerCon a few years ago, that said, "Erik Bloodaxe, Hacker." It had a little treasury logo on it and he says, "Impersonating a Federal official?" "Well, it doesn't say anywhere on there, 'Chris Goggans, Special Agent.' It says, 'Erik Bloodaxe, Hacker.' Whoever this Erik Bloodaxe character is. It might be me, it might not. I'm Chris Goggans and that says, Erik Bloodaxe, Hacker. Just because the seals there, it doesn't mean anything." He says, "Well, if you don't tell us everything that there is to know about all your higher ups, we are going to be pressing state, local and federal charges against you." I said, "On what grounds?" He goes, "We want to know everything about your higher ups." Which I'm thinking, gosh, I'm going to have to turn in the big man, which is ludicrous, because there is no such thing as a higher up, but apparently they thought we were a part of some big organization. So, I said, "Well, I'm not saying anything to you, I'm calling my lawyer." And I already had told my lawyer previously that I would be raided shortly and that I would be needing to call him. So I called him and said, "Hi, this is Chris and the Secret Service is here and I'd like you to speak to the agent in charge." And he said that my client declines any sort of interviews until such a time that I can arrange to be there to represent him in an official capacity and I'll need your name and I need all the information. The agent said, "We will be in touch." And that was it. They gathered the bag of wire and the printouts of the 911 document, how to be an FBI agent, the printouts of the Phoenix Project messages, and they trotted on off. As they were walking out the door, one of the guys kind of looks over at my television set and he says, "Hey, why is that video game plugged into the phone line?" And it was kind of like a Homer Simpson, cause Foley trots over and I had a 300v terminal, which is what I had been using to get on bulletin boards with. It was plugged into the phone. It was a little membrane keyboard box. All it was was a modem. So they bundled that up and stuck that in there, and they went on their merry way, and I followed them out to the car, and wished them well, and wrote down their license plate, and went back into the house, and got into my car, and went driving around calling up everybody else around town to see if anybody else had been raided. GA: Had they? CG: Yeah, at the same time as what was going on in my house, the house of Lloyd Blankenship was being raided, The Mentor, as well as the office place of Steve Jackson Games, where Lloyd worked, which ran into a huge fiasco later on down the road for these hapless agents, but that's an entirely different story. ======================= GA: Did you ever do any malicious hacking? CG: No. To be honest, there were a couple of times I actually considered such a thing. At one point in time, we had access to South African Government computers, like South African Treasury, things like that and we were thinking, should we take it down? Nah, we better not do that, can we just change the message of the day to something like some anti-apartheid statement, some sort of politically correct thing. It was all a big joke to us, we certainly weren't thinking about that, we just figured it would really piss them off, but we never did it. When the Russian x25 network went up, we were right there on it. They can't bust us for hacking Russia, I mean, who would? What were they going to say? It's like, "You should hack them, because they are our enemies, well maybe you should hack them," so, we were just going after the Russian network pretty hardcore. Malicious hacking pretty much stands against everything that I adhere to. You always hear people talking about this so called hacker ethic and I really do believe that. I would never wipe anything out. I would never take a system down and delete anything off of a system. Any time I was ever in a system, I'd look around the system, I'd see how the system was architectured, see how the directory structures differed from different types of other operating systems, make notes about this command being similar to that command on a different type of system, so it made it easier for me to learn that operating system. Because back then you couldn't just walk down the street to your University and jump right on these different computer systems, because they didn't have them and if they did have them only several classes would allow you access to them. Given the fact that I was certainly not of college age, it wasn't really an option. You didn't have public access to systems. All you had to do was call up and ask for an account and you'd get one. So, the whole idea of doing anything destructive or malicious or anything even with malcontents using computer systems to track information about people or harass people, that just goes against the grain of anything that's me. I find it pretty repulsive and disgusting. I am certainly not blind to the fact that there are people out there that do it, but obviously these people have a s---ty upbringing or they are just bad people. ======================= GA: How about books that have come out about hackers? CG: Well, I'll take a stab at that. The Hacker Crackdown I found to be a very schizophrenic piece of writing. I still to this day have not read it completely. I found it very hard to follow and I was there. It is very hard for me to read that book and follow the chronology. Everything is on the money and he did a very good job of making sure the facts were correct, but it's just hard for me to read. Maybe that's just a criticism of his writing style. Approaching Zero, I didn't really care for that too much, more specifically because they just basically out and out called me a traitor and said I was keen on selling secrets to the Soviet Union. Maybe you ought to ask the IRS about all that money I got from the Soviet Union, because I haven't seen it, but I'm sure I'll be taxed on that too. But I found that rather disgusting and after that book, I actually had a conversation with one of the people who was writing the book. A guy named Brian, actually called us up at Comsec and I talked to him for about 30-45 minutes about things and next thing I know, nothing we really said ended up in the book. A bunch of people were misquoted, left and right. All the stuff about the American hacking scenes, off the mark. People were quoted as saying stuff that they never said, things supposedly from bulletin boards that were not on bulletin boards. I don't know where this information came from, but it's really just off the money. I guess if you know something so intimately, you are always going to be critical of anything someone says about it because they don't know it as well as you do, so you are always going to find fault in something. So maybe I'm just being overly critical. ======================= GA: While on the subject of Comsec, you have said that you have gotten bad press. From where? CG: Well, I think an article saying that I have been arrested in the past for breaking into Bell South, or books being published saying myself of The Legion of Doom destroyed the 911 Network in nine states just to see if we could do it. Things like that which are just out and out lies. I'd say that was pretty bad press. GA: Did Comsec fold because of personality problems, or a lack of business? CG: Comsec folded for a number of reasons. The press aspect weighed heavy. We were basically blacklisted by the security community. They wouldn't allow me a forum to publish any of my articles. It essentially boiled down to, with the trade magazines, at least, they were told by certain members of large accounting firms that they would pull their advertising if they associated with us, and when you are a trade magazine that is where all of your revenue comes from, because no one is paying for subscriptions and they can't afford that loss. They were more interested in making money then they were in spreading the gospel of truth in security. But hey, it's a business, I guess you have to take that. I had speaking engagements pulled. A head of a very large security association promised me a speaking engagement and then decided to cancel it and didn't bother to tell me until a month before the conference. I talked to him and he said, "Oh, well I should have called you." This is like one of the largest security associations in the country and the second largest. So we had that kind of treatment. Some of these conferences, since we were not speaking at them, we could not really justify spending thousand of dollars to fly out there and attend. We were cut off from a lot of things and since we did not have a presence at these conferences, a lot of our competitors used this to target the companies that we were marketing. You would have these MIS directors from large oil companies out there, and you would have other people going up to them and saying, "You're from Houston. You are not dealing with those Comsec folks, are you? Well, you know that they are nothing but a bunch of crooks out there." So, one very large oil company, we had already had all of our paperwork passed though all of their legal departments and it was just waiting to be signed; it had already been approved and money was allocated in the budget and we were ready to rock. This would have meant a large amount of money over a period of several years. Well from going though all of these friendly happy negotiations and papers ready to be signed, to XYZ oil company does not do business with criminals, Click! Who talked to this guy? Who feed him this nonsense? Well, we got a lot of that, certainly that weighed heavy. The fear that came from companies like DeLloyd Touche.I will single them out especially because some of their larger consultants were very vocal in speaking out against us, in the very forums they denied us. They used the magazines as a place where one particular consultant said something like, "Can we lie down with dogs and be surprised when we get up with fleas?" I mean, I don't deserve that type of commentary. I don't think anybody does. It is certainly not a mature attitude for somebody who is supposed to be an upstanding ethical consultant to use a trade publication to vent his frustration against his competition. But, hey, it's a free market and if he has a forum and they gave him a column, well I think he can write whatever the hell he wants. Sure, I was in The Legion of Doom. I have been in everybody's system. But I have never been arrested. I have never broken anything, I have never done anything really, really, criminally bad. There is a difference in doing something illegal, you like walk across the street at the wrong place and you are committing a crime, but that does not make you a criminal, and there is a big difference between different types of behavior. By all these different forces saying so many negative things about us, we had our work cut out for us. To be honest, they had us beat. They had the deep pockets. They could wait us out. They could keep saying bad things about us forever. They had hundreds of millions of dollars so that even if they weren't making money they could sit on it. We didn't. Eventually we could not do it any more. I had overextended myself. I sold off all my stock, all my personal stock. I had a bunch of stock in energy companies and things like that, that was in the past supposed to be paying for my college education, and I gambled it away on Comsec and I ran out of money. I needed to eat, I needed to get a job, I had to move, I couldn't afford it anymore. And everybody was basically saying the same thing. Scott didn't have any money, Rob didn't have any money, our sales guys were getting really antsy because they were having a real hard time closing sales, so we just had to shut down. ======================= GA: Any thoughts on where technology is going and how hacking might change in the next couple of years? CG: Well, like I said earlier, the Internet is a very scary place with a very, very limited set of knowledge. One person could take down a majority of the network and for so much trust and need to be placed in a network that is so inherently unstable because of the protocol that drives it. I mean you don't plan a trip across country in a 1957 jalopy! You go out and get a new car, or you rent a good car, you don't put all your trust in something that ain't gonna work. And it works well enough for a lot of things, but for people to trust their entire enterprise network to stuff over the Internet, they are asking for trouble. And as people become more familiar with the entire protocol sweep, they are going to find out that there is a world of hurt about to happen, and in the next few years, people are going to be real surprised when stuff starts going down like crazy. That's going to be the biggest thing to happen. I would imagine that all the cellular problems are going to disappear because the advent of digital caller is going to remove all this problem. A lot of things are going to change. I imagine people, hopefully, will once again get more and more into writing software and doing more productive stuff. With all the wealth of knowledge that is coming out of every community, even in the underground, because people are exposing bugs and people are changing things, so eventually people are going to be able to make all types of systems, robust enough to survive different things. So out of all this turmoil, some good is going to come. And from that, once all the problems have been corrected, people will be able to direct their energies into a more positive thing, like developing applications, writing software and focusing their attention on doing neat, nifty tricks, rather than doing neat nifty stupid tricks, ha, ha. You are going to see some really, really cool stuff that is going to blow your mind and you are going to be able to carry it around in your hand. You are never going to be out of touch anywhere in the world, so, I think that will be very cool. ======================= GA: We should certainly tell people how to subscribe to Phrack, and the prices on the LOD disks. CG: Yeah, people who want information about Phrack can mail me at: Phrack@well.sf.ca.us and for information about the BBS Archive Project mail: LODCOM@Mindvox.Phantom.com GA: Thanks Chris! G: Thank you.----------------- REVIEW OF SLIPKNOT 1.0 By Scott Davis, Editor (dfox@fc.net) SLIPKNOT 1.00 By Peter Brooks. Tested version 1.00 on a Dell 466/XPS 16 meg of RAM, Windows for Workgroups #9 GXE 64 Pro video card (2 Meg Vram) Boca 28.8 Vfast external modem On December 23, 1994, I contacted Felix Kramer (felix@panix.com) to let him know that I would be happy to run his article/promotion for the software called 'SlipKnot'. At that time, he asked me to ftp the software and test it out, and follow up with a review of the software in this issue of the magazine. So, here it is... The software was designed by Peter Brooks. SlipKnot is a graphical World-Wide-Web browser for PC users running Windows 3.1+ or a higher level of Windows. It is designed for modem users with ordinary dial-up UNIX shell accounts. It does NOT require SLIP or PPP or TCP/IP services in any form (no TIA or remosock, etc. if you are familiar with these products). The system requirements are Windows 3.1, Windows for Workgroups or higher, running in 386 Enhanced Mode (SlipKnot cannot be used on 286 processors). Not yet tested with Windows NT. You must have at least 4 MB of memory, recommended 8MB. We have noticed memory deficiency errors at 4 MB. Also, at least 2 MB of available hard disk space is required. SlipKnot itself takes approx. 1.5 MB. When working, SlipKnot's job will be to download documents for you from the Internet, and these may require plenty of hard disk space. Mouse or other pointing device required (cannot control SlipKnot via only the keyboard). Your UNIX system must have either the program "lynx" (version 2.2 or later) or the program "www" available. If in doubt, log in to your host, and try to execute either of these programs. You will then know immediately whether they are available. To find the version of lynx on your UNIX host, execute the UNIX command: "lynx -version". Your UNIX host must have a program to send files to you via either the Xmodem or Ymodem protocol. The actual name of the programs that perform these file transfers changes from system to system, but try the commands "sx" (for XModem) or "sb" (for YModem). If these fail, ask your system administrator or some other knowledgeable person. Likewise, you will need to know the name of the UNIX program that will receive files from your PC using Xmodem or Ymodem. Your UNIX system must be able to display individual file sizes using the "ls -l filename" command. If "ls" has been renamed or works differently from normal, SlipKnot will fail. SlipKnot was created because, at that time, there was no other alternative to accessing the World Wide Web graphically if you did not have SLIP or PPP or TCP/IP access. Having analyzed Mosaic and some of its competitors, I concluded that all of these browsers were designed for people with very rapid communications channels into the Internet, not modem users. Even if you have SLIP access, most of these browsers do not allow you to save entire documents (with the included pictures), forcing you to retrieve the documents again whenever you wish to take a full look at them. It takes a while to retrieve any document by modem with any browser, and you shouldn't have to do this more than once. Now the good stuff: First of all, Slipknot is a fantastic idea. To be able to use the World Wide Web and only requiring the end user to maintain a normal account on his/her provider is great. This allows the user to have Web access without paying those occasionally high rates for a SLIP or PPP connection. I ftp'd the Slipknot software and installed it. I was very happy that it installed without any problems. Configuring the software was fairly painless. The biggest part was taking the time to edit the login script for my service provider... and that step is not even necessary since Slipknot allows you to conduct manual logins of you so choose. I was finally ready to dial out. Everything was working like a champ until about 10 minutes into my session when my entire system locked up. I had to do a complete shutdown and start over. No big deal, I thought. I attempted again, as the 10 minutes that I did use it was a great experience. I had never seen an application that could do WWW over a normal user account. It connected perfectly and was working fine for another few minutes...then it locked up again. I began to worry. I noticed that both times it locked up I was accessing the Federal Bureau Of Investigation home page (FBI). Maybe Slipknot was not compatible with sites who promote the Clipper chip...Hahahaha. Not the case, unfortunately. During the course of the day, it locked up at random. I tested my computer hardware to see what the issue might be. There was no hardware problem. My computer has never locked up on my under any circumstances before. I am not going to give this software a bad review because it locked up on my system. I polled some users on the Internet regarding their experiences with the software and here's what some of them said; SLIPKNOT version 1.0 really works without a SLIP/PPP acct. In my case it installed quite easily, with minimum tweaking (certainly less than to install TIA). It opened the WWW to me. Next versions, should have FORMS support. That is a must and is urgently needed, because many WWW pages contain forms. Other than that, SLIPKNOT is highly recommended for a low-budget approach to WWW. [one@netcom.com] ========================================================================= I find it to be a an incredibly clever idea, and it works quite well with direct dial. Some problems with images and sound via telnet/rlogin, but not a big problem. The idea of being able to web-surf without SLIP is very attractive, especially for the dial-up user as so many of us are. With the "load images" turned off, it is much faster, and you can selectively load them. but since it uses Lynx as its engine, why not use Lynx for imageless surfing. Speed: I compared it to my SLIP account with NCSA Mosaic and Netscape. It loads images, etc. a bit slower than Mosaic and a lot slower than Netscape. Installation and Set up: simple, esp as compared to the fun you can have installing say Netscape and all the winsockets stuff, and IP/DNS configuring. Look and Feel: I'd like a larger document window, but the pulldown menus, etc. will make surfing easier for the newbies. Overall - a nice, inexpensive alternative to SLIP/PPP, especially for those fairly new to the net and like that point and click feel. NB: another alternative for an "on the cheap" approach to the Web is The Internet Adaptor -- I have it installed in my dial-up unix account, and it is slick: it emulates SLIP, and works very well. I'm getting rid of my SLIP account because I have TIA. If you have ever set up a SLIP, it is pretty easy to install and set-up. If not, you'll spend some time. Cheap too. - Jill Ellsworth ========================================================================= Very nice and easy to use developmental software. Web works well and the terminal mode is functional and adequate for most users. everything available from your Internet provider can be accessed, just as with a full blown commercial package like ProCom, etc. Some limitations on bells and whistles apply. Inability to support ftp and gopher from within the html page is a bother, but as development continues I hope Peter Brooks will be able to add that capability. Direct link to obtain upgrades and the automated upgrade installation built into Slipknot is a neat touch. I am currently using Version 1.00 and have sent in my registration fee because I want to encourage continued development. I really appreciated the opportunity to evaluate the fully functional application. - Steve Seteroff (seteroff@kendaco.telebyte.com) ========================================================================= You're a brave man to ask for opinions on the Internet! I got SlipKnot right after it was released. It is a wonder. Last night I got the latest version "g". I am so pleased. Peter Brooks and Felix Kramer (?) have a winner on their hands. I had tried to install netscape, tia, and winsockets about two weeks before I saw the announcement, and failed. The only problems I had in the installation of SlipKnot were ones anticipated in the help screens. (RTFM, dummy!) Peter Brooks was on the newsnet answering questions almost 24 hours a day. 1. Easy to install. 2. Cheap. 3. Easy to use. 4. Fun! And all this praise from a DOS command line freak. I told PBrooks in an email that I hate Windoze and had been threatening my son to take it off my computer (he uses my printer and MSWord). I complained to PBrooks that now Brendan knew I wouldn't follow through on the threat. I have an indispensable program that needs Windoze. Now some cautionary notes. ... Sorry I don't have any reservations. BTW, I am not Peter's mother, nor do I have any affiliation with anyone associated with MicroMind (a moronic name...like, encephalitis, dude!). If you have any particular questions, I would be glad to respond. My guess, judging by the activity in WWW newsgroup, is that you'll have more response than you can handle. Good luck with the story. Happy holidays. (BTW I tipped off the LATimes computer technology reporter and he just responded that he'd heard about it. Here mosaic applications are bringing the Web to millions and it's news, but a shell account enabler is ignored. Go figure.) Go SLIP not! Mike Howard (mikeh@netcom.com) ========================================================================= I think Peter has a good product. It is still in Beta Version. For example I can not Down Load large files (over 19,456 Bytes). I am sure Peter will find a fix but for now SK is for the experienced user. John Hammond (jhammond@unicomp.net) ========================================================================= I found it easy to install; unfortunately it crashes every time I try to get something off the web and I must do a hard reboot - thus Dr.Watson can save nothing, nor can slipknot's built-in debugger. I haven't yet contacted the authors. Bennett Price (bjprice@itsa.ucsf.edu) ========================================================================= I have used SlipKnot for about six weeks and have come to rely on it for an easy alternative to mistyped Unix commands. Since I work in a high school that does not yet have Internet access, I foresee SlipKnot as a way to hook the uninitiated into the 'Net. Teachers and administrators who are not already convinced about the utility of the Internet would probably be turned off by a Unix command line. Although downloading graphics through SlipKnot is slow even at 14.4, for the inexperienced user, this wait time is surely preferable to using a straight text-based Web browser. While I approve of Version 1.0e as far as it goes, I can certainly suggest a number of needed improvements: 1. gopher support 2. telnet support 3. forms support 4. better resource management (I run SlipKnot on a Pentium with 16 Mb of RAM and yet often run low on GDI resources) 5. improved error handling when the 'Net is busy or a page cannot be found 6. automatic redial in the terminal mode (Maybe this can be done with a script, but I could not see how.) 7. Z-modem or Y-modem batch transfer support in terminal mode. Don't get me wrong. I like SlipKnot. Everything can be improved. I am sure at Micromind. they are already at work (at least mentally) on these suggestions. Jeff Ratliff (tratliff@whale.st.usm.edu) ========================================================================= I have found Slipknot to be a very worthwhile product. Its ease of set-up is a definite plus. I downloaded Slipknot and had it installed and running in a very short time. The installation instructions addressed the few problems I had getting it running and then I was off -- surfing the Web. My main dislikes of the software are the small window size and the ability to open only five documents at the same time. I understand that these two complaints are being addressed by the next version. If you don't have direct access (i.e. you connect through a dial-up shell) and don't have a SLIP or PPP connection, Slipknot is definitely worth it. Kenyon Jon Michael (mkenyon@jove.acs.unt.edu) ========================================================================= I've been using Slipknot for a while now, and I'm very glad it's around. I think it's seriously necessary, because there are a huge number of people who get their net.access through shell accounts, and this allows you to get a fuller Web experience than with Lynx. However, the program has it's problems, and there is a lot of advancement that can be made in the future revisions. For example, forms are not supported, so your Web use only goes one way; you can't reply to things, write mail, make suggestions, etc., or for that matter, be verified for logins like on HotWired. That's a huge pain. Another problem is the inability to use gopher servers, something that's still widely implemented and integrated with the Web. And, of course, Slipknot is also a bit buggy; any errors, and the program quits rather than moving on, it displays certain dialog boxes more than once in a row, etc. IOW, it's a good idea and good start for a much-needed program, but it still needs work. However, with some more tweaking and advancement, it will be a very solid program. Bill Pena (billpena@genesis.nred.ma.us) ========================================================================= I got (and paid) for Slipknot, and am currently running v1.0 with the "g" patch. My host is a "pay" unix system that I call in to get my mail on my "term" account. I am using the program on a 486 cryix 40mhz system. The program is not perfect. It still has some bugs to work out, and lots of features to be developed (forms, gopher, etc do not work at this time). But!!! even with though the program is still in its early stages of development, I find it VERY useful, and it DOES allow me to view http documents with the graphics. I get good 14400/v42bis connections via the automatic log-in script (that must be user customized) and acceptable download speed of the http. With the program running under Windows 3.1, it does take a moment to analyze the downloaded text to "find" the embedded graphics, then download the graphics, plot the series of files, then display the document. With the program currently costing $30, the difference in the cost of my term account and a slip/ppp account is a lot more than the cost of Slipknot. I use the internet for e-mail and netnews more than a place to surf just to look at images. As such, my primary access to the net is via term with a text editor for mail/news replies. When I want to check out some http/url, I just hang up and call back via Slipknot. I don't use it all the time, so when I need it, it is there for me. Being shareware, it is perfect for the user to "play" with to determine if he/she wants to continue to use it, prior to paying for the program... and even with its limitations, it is still a deal at $30. and with the authors still working on it, it is sure to get better and better. Tom Stangler (stangle@infi.net) ========================================================================= It works as advertised. Last I checked, it doesn't do forms or telnet connection links It has trouble handling some inline images. Just like TIA, your provider can tell if you are using SlipKnot, and if they wanted to, could ban it's use as going beyond the services provided with your class of account. RCI doesn't have any restrictions on TIA or SlipKnot... Kevin Kadow (kadokev@rci.ripco.com) ========================================================================= (Slipknot review continued...) As you see, we have a wide range of comments here. I believe that most people realize that it still a very young project and has not yet attained it's full potential. If you will note, there was one other person who replied to my request for comments who is having the same problem I am having with system lock ups. I mailed the author of the program and they are getting right on the issue. The bottom line is that Slipknot is a great idea and a nice software package. And with end users submitting comments, complaints, and other information directly to the author or the press, the issues will be worked out. I suggest that you keep an eye on Slipknot. It's really going somewhere! %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% cDc GDU #18 By Swamp Ratte (sratte@phantom.com) _ _ ((___)) [ x x ] cDc communications \ / Global Domination Update #18 (' ') November 1st, 1994 (U) Est. 1986 NEW gnU new GnU nEW gNu neW gnu nEw GNU releases for November, 1994: _________________________________/Text Files\_________________________________ 281: "Official cDc Press Release Concerning President Reagan" by Reid Fleming. The Cult influences the international political climate of opinion! We just want what we've got coming to us, mister. 282: "Argument" by Markian Gooley. Positivity and happy sunshine and neato stuff. 283: "Possibilities" by Obscure Images. Once again, Oi brings the linguistics for the nine deuce deuce. This one's got crazy subliminal tapes and a hippy chick. 284: "Sanford's Calico" by James Cazamias. It's just like Disney's _That Darn Cat!_, but different. 285: "Concise Guide to Forgetting How Much You Suck" by Jason Farnon. Courtesy of the cool _I Bleed For This?_ 'zine, here we go with a cDc edit/ distribution. Lots of practical advice to improve your standard of living. 286: "The Divine Masters" by Shriek Broomstraw. Particle physics and alien overlords and why you should be concerned with all this. You should. Really. 287: "Shotgun" by Swamp Ratte'. Never mind _Where's Waldo?_, where's the shotgun? Oh my. Fills out this release's angst quota. 288: "Rejection Letter Blues" by Jeff Swanson. Some people just can't appreciate good literature. Fun-eeEe. 289: "Can There Be Artificial Intelligence?" by Tequila Willy. Another scholarly scab for you to pick at. That Willsie, what a smart guy. 290: "Bob Takes a Trip" by Special Agent Finerty. Bob's a mechanical dog and he's NUTS. CRAZY. Watch out. Zany hi-jinx. __________________________________/cDc Gnuz\__________________________________ _ _ |\ /^\ /^\ / / / @ )^ -| @ )^ - _ / / 666 ( \/-^-^^| /--^-^-~ \o \ \ o \ / /@ )^ - _ | o| _ - _ \ / o /| /--^-^-~ / / / O o ^ - / ( O |/ / /\ | o \__ _/ O o O o ( o \ o \ /_/@ | \ o o o / |__ _ \\ \ o O \ O ( o - o / . ^ \S - - \ o ) \ ( ) /(_ / /^ | / - _ - - \ \ -_ -- - | / \ / \ | \ \. / | | \ | \ /_ \ / | \ / _ \ | \ - | \ - "This low-go you've received is the image of the be east. Whatever you do, do not hold this image in your write hand or receive its image by foe-ton trance Miss-shun through your I balls into your mined full crane he um or you've received the mark of the bee east. Stung, by buy bull revel lay shun. Keep your clothes on and don't follow the be eastly bare whoreds." -Philip Heggie --x X x-- New things? Yep. There's now a Usenet newsgroup for you to discuss the All-Powerfulness of cDc. It's "alt.fan.cult-dead-cow" and if your newsfeed isn't getting it, mail news@yersite and say, "GET WITH THE PROGRAM, PAL! HUP HUP!" Tell me about the time you were in the 7th grade and had to do a #2 really bad and those blind special ed. kids were in the bathroom swinging their canes around and saying bad words. You were SCARED, weren't you. HA! The world is filled with WIMPS. You go to a large public restroom, into a stall. All the other people in the stalls, you can see their feet. They make no noise. They sit and wait and clutch their tiny little genitals in FEAR. But I am NOT LIKE THEM. I MAKE MY DISGUSTING NOISES AS I PLEASE. I clean up, I exit my stall, I wash my hands and I LEAVE. I AM DONE. I AM RELIEVED. They remain, cowering, wishing they had the GUTS to CRAP but they do not and their bowels TREMBLE with gasses. They are but INSECTS because they cannot CRAP FREELY. LEARN FROM MY ACTIONS and you too can be POWERFUL. Lady Carolin is now running the Official cDc Internet Dumpster: ftp or gopher to cascade.net for all the cDc stuff, all the time. Cascade.net gets 'em first and fast. The secondary site is ftp.eff.org as usual. The other day I finally got The Beatles' _Abbey Road_ album and this "I Want You (She's So Heavy)" song is amazing. So I'm thinking, why should I be concerned with this week's indie-certified alterna-wonder- weenie when I DON'T EVEN HAVE A GOOD COPY OF BARRY MANILLOW'S "MANDY"? MY 8-TRACK SUFFERS FROM EXTREME WOW AND FLUTTER. HOW CAN I EVEN _THINK_ ABOUT JAWBREAKER WHEN MY JACKSON 5 COLLECTION IS SADLY INCOMPLETE!!?? If your writings have CLASS and STYLE, we want 'em. Dig the address at the bottom of this file, daddy-o. "What's good for cDc is good for America." - President Calvin Coolidge S. Ratte' cDc/Editor and P|-|Ear13zz |_3@DeRrr "We're into t-files for the groupies and money." Middle finger for all. Write to: cDc communications, P.O. Box 53011, Lubbock, TX 79453. Internet: sratte@phantom.com. cDc Global Domination Update #18-by Swamp Ratte'-"Hyperbole is our business" Copyright (c) 1994 cDc communications. All Rights Reserved. ALL FILES LEECHABLE *NOW* BY WWW/GOPHER/FTP FROM CASCADE.NET: pub/cDc/New _ _ ((___)) [ x x ] cDc communications \ / Global Domination Update #19 (' ') December 1st, 1994 (U) Est. 1986 NEW gnU new GnU nEW gNu neW gnu nEw GNU releases for December, 1994: _________________________________/Text Files\_________________________________ 291-299: Nine Christmas/Holiday/Cold Arctic Wasteland-related stories. Some are funny, some are disturbing, and some will make you VERY AWARE of every single PORE on your NOSE. * cDc - DOWN HOME FOR THE HOLIDAYS (1994). Dolly Parton, Kenny Rogers, Olivia Newton-John, Clint Black. Gather 'round the tree and enjoy a rousing duet of Kenny and Olivia singing "Jingle Bell Rock" while Ms. Parton gets drunk and embarrasses herself. Directed by Martin Scorsese. (Drug Use, Adult Language, Graphic Violence, Strong Sexual Content). __________________________________/cDc Gnuz\__________________________________ "In their workshops, the elves toil under the oppressive eyes of the redshirts. The Eskimos are all but extinct, and the dentists pull tooth after whalebone tooth from the charred skulls of their remnants. Oh, the twinkling blue Aryan eyes! There is blood on his cheeks! He trains mighty legions in his impregnable northern fortress. The Lapps have come to fear the sound of marching boots and jingling bells. With his newest sleigh, he can strike any European city in under twenty minutes. Good children get a switch in their stocking. The bad ones disappear. LONG LIVE THE FOURTH REICH!" -Andrew Solberg - x X x - Conspicuous consumption of cDc products will fill the empty, gnawing voids you may or may not feel in your life... which become all the more apparent at ridiculous hours of the night as carbonated beverages gradually wear away your stomach lining and ulcers work their own little brand of magic. Things to look forward to in 1995: cDc #300 - Cow Beat #3: "Teen Idling on the Inphomashun Hi-Mom-I'm-on-TV- way" cDc FACK: "Frequently Anointed Cows are K-rad." Or something. I could give you promises of Twinkies and a cool, like, Yaga t-shirt. Will you be happy then? From here to eternity we will shop. We will shop at The Mall and buy only the finest in fashions and Rage Against the Toaster will provide the aural motivation. "Fuck you, Mom, I won't clean my room like you tell me." Go to HoHoCon and it'll be cool. Ramada Inn South. 1212 West Ben White Blvd. Austin, Texas. Friday, December 30th through Sunday the 1st. Shop! Shop! Do the booty hop! The leather store has a sale on biker jackets, Harley accessories optional and in-stock. New tats shine with gleaming disinfectant. Bright red-skinned jolly pierceings, and sparkling sterling silver! On the tongue, through the lip. Susy's got a charming new necklace, and Little Johnny has a delightful new nose ring! "Come over here, Johnny, so Aunty Emma can see your newest hole." Make new holes and fill 'em up. As cDc stalks around, hunting the logical conclusions. Ho. S. Ratte' cDc/Editor and P|-|Ear13zz |_3@DeRrr "We're into t-files for the groupies and money." Middle finger for all. Write to: cDc communications, P.O. Box 53011, Lubbock, TX 79453. Internet: sratte@phantom.com. _____________________________________________________________________________ cDc Global Domination Update #19-by Swamp Ratte'-"Hyperbole is our business" Copyright (c) 1994 cDc communications. All Rights Reserved. ALL FILES LEECHABLE *NOW* BY WWW/GOPHER/FTP FROM CASCADE.NET: pub/cDc/New %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% MY LETTER TO WIRED RE: WWW PAGE [Editor's note: I mailed this to Wired...and they said that they would print it in the February 1995 issue. We'll see] By Scott Davis (dfox@fc.net) Dear Wired, I have taken it upon myself to do an informal poll regarding your new WWW page on the Internet. I recall that not so long ago, the Wired WWW page was a great thing. It was easy to use and contained a wealth of information. Now, it appears that one must have some type of psudo-government security clearance to get into this WWW page. It is my guess that the purpose for having to enter one's name, e-mail address, special-secret-multi-digit-code, and other requested information is for the purpose of demographics. No matter the reason behind all of this...IS IT WORTH IT? Please allow me to explain the frustrations of some of the net-community. In announcing my informal poll, I stated my opinion on the new WWW page. It was not favorable to Wired. I asked others to mail me their opinions also. I will edit some of these for brevity only. I assure you that I did not receive a single good comment about the new page. And from what I understand, it seems like that there was some debate regarding the creation and operation of the HotWired page. One net-denizen replied to me, "Three weeks ago Jane Metcalfe came to UCDavis to talk about Hotwired and to give the first public demo of it. She told us that they had debated for quite some time about how to set it up--wanting a balance between looking 'friendly' and 'not allowing anonymous logins'. Sounds like the balance has tipped a bit further than she wanted, given commentary on the net.ith a cDc edit/ distribution. Lots of practical advice to improve your standard of living. 286: "The Divine Masters" by Shriek Broomstraw. Particle physics and alien overlords and why you should be concerned with all this. You should. Really. 287: "Shotgun" by Swamp Ratte'. Never mind _Where's Waldo?_, where's the shotgun? Oh my. Fills out this release's angst quota. 288: "Rejection Letter Blues" by Jeff Swanson. Some people just can't appreciate good literature. Fun-eeEe. 289: "Can There Be Artificial Intelligence?" by Tequila Willy. Another scholarly scab for you to pick at. That Willsie, what a smart guy. 290: "Bob Takes a Trip" by Special Agent Finerty. Bob's a mechanical dog and he's NUTS. CRAZY. Watch out. Zany hi-jinx. __________________________________/cDc Gnuz\__________________________________ _ _ |\ /^\ /^\ / / / @ )^ -| @ )^ - _ / / 666 ( \/-^-^^| /--^-^-~ \o \ \ o \ / /@ )^ - _ | o| _ - _ \ / o /| /--^-^-~ / / / O o ^ - / ( O |/ / /\ | o \__ _/ O o O o ( o \ o \ /_/@ | \ o o o / |__ _ \\ \ o O \ O ( o - o / . ^ \S - - \ o ) \ ( ) /(_ / /^ | / - _ - - \ \ -_ -- - | / \ / \ | \ \. / | | \ | \ /_ \ / | \ / _ \ | \ - | \ - "This low-go you've received is the image of the be east. Whatever you do, do not hold this image in your write hand or receive its image by foe-ton trance Miss-shun through your I balls into your mined full crane he um or you've received the mark of the bee east. Stung, by buy bull revel lay shun. Keep your clothes on and don't follow the be eastly bare whoreds." -Philip Heggie --x X x-- New things? Yep. There's now a Usenet newsgroup for you to discuss the All-Powerfulness of cDc. It's "alt.fan.cult-dead-cow" and if your newsfeed isn't getting it, mail news@yersite and say, "GET WITH THE PROGRAM, PAL! HUP HUP!" Tell me about the time you were in the 7th grade and had to do a #2 really bad and those blind special ed. kids were in the bathroom swinging their canes around and saying bad words. You were SCARED, weren't you. HA! The world is filled with WIMPS. You go to a large public restroom, into a stall. All the other people in the stalls, you can see their feet. They make no noise. They sit and wait and clutch their tiny little genitals in FEAR. But I am NOT LIKE THEM. I MAKE MY DISGUSTING NOISES AS I PLEASE. I clean up, I exit my stall, I wash my hands and I LEAVE. I AM DONE. I AM RELIEVED. They remain, cowering, wishing they had the GUTS to CRAP but they do not and their bowels TREMBLE with gasses. They are but INSECTS because they cannot CRAP FREELY. LEARN FROM MY ACTIONS and you too can be POWERFUL. Lady Carolin is now running the Official cDc Internet Dumpster: ftp or gopher to cascade.net for all the cDc stuff, all the time. Cascade.net gets 'em first and fast. The secondary site is ftp.eff.org as usual. The other day I finally got The Beatles' _Abbey Road_ album and this "I Want You (She's So Heavy)" song is amazing. So I'm thinking, why should I be concerned with this week's indie-certified alterna-wonder- weenie when I DON'T EVEN HAVE A GOOD COPY OF BARRY MANILLOW'S "MANDY"? MY 8-TRACK SUFFERS FROM EXTREME WOW AND FLUTTER. HOW CAN I EVEN _THINK_ ABOUT JAWBREAKER WHEN MY JACKSON 5 COLLECTION IS SADLY INCOMPLETE!!?? If your writings have CLASS and STYLE, we want 'em. Dig the address at the bottom of this file, daddy-o. "What's good for cDc is good for America." - President Calvin Coolidge S. Ratte' cDc/Editor and P|-|Ear13zz |_3@DeRrr "We're into t-files for the groupies and money." Middle finger for all. Write to: cDc communications, P.O. Box 53011, Lubbock, TX 79453. Internet: sratte@phantom.com. cDc Global Domination Update #18-by Swamp Ratte'-"Hyperbole is our business" Copyright (c) 1994 cDc communications. All Rights Reserved. ALL FILES LEECHABLE *NOW* BY WWW/GOPHER/FTP FROM CASCADE.NET: pub/cDc/New _ _ ((___)) [ x x ] cDc communications \ / Global Domination Update #19 (' ') December 1st, 1994 (U) Est. 1986 NEW gnU new GnU nEW gNu neW gnu nEw GNU releases for December, 1994: _________________________________/Text Files\_________________________________ 291-299: Nine Christmas/Holiday/Cold Arctic Wasteland-related stories. Some are funny, some are disturbing, and some will make you VERY AWARE of every single PORE on your NOSE. * cDc - DOWN HOME FOR THE HOLIDAYS (1994). Dolly Parton, Kenny Rogers, Olivia Newton-John, Clint Black. Gather 'round the tree and enjoy a rousing duet of Kenny and Olivia singing "Jingle Bell Rock" while Ms. Parton gets drunk and embarrasses herself. Directed by Martin Scorsese. (Drug Use, Adult Language, Graphic Violence, Strong Sexual Content). __________________________________/cDc Gnuz\__________________----------------- CALLER ID FAQ By Padgett Peterson (padgett@tccslr.dnet.mmc.com) Frequently Asked Questions About Caller-ID v1.1 Mar. 1994 1) What is Caller-ID ? First ask "What is ANI" 2) OK, What is ANI ? ANI or Automatic Number Identification is a mechanism by which the different telephone companies determine what account is to be charged for a call, This information is passed between Telcos and was originally for billing purposes and predated both SS7 (Signaling System 7) and (C)LASS (Local Area Signaling Services was the original AT&T designations, the "C" was added by Bellcore after divesture) services which make CNID or Calling Number IDentification as Caller-ID is more properly known, possible. Since the Telcos had ANI, the decision was made to make it available to authorized parties such as 911 service and law enforcement agencies. ANI is also used to let a Telco operator know who is calling. More recently, ANI is used to report to 800 and 900 subscribers, who made the calls they have received, in the first case so that the 800 subscriber knows who the charge is for, and so that 900 number subscribers know who to charge. Thus while ANI is similar to CALLER-ID and may provide the same information, they are actually two different services and ANI information is not necessarily the same as what will appear on a CALLER-ID display. 3) Now (maybe) what is Caller-ID ? Caller-ID is a Telco offering that is a byproduct of (C)LASS services. In this case, only those numbers reported by participating exchanges are returned, exactly which are and which are not is currently (March 1994) at the Telco's discretion. The Federal Government has stated that it is their intent that nationwide CNID be available by mid-1995. The full text of this decision may be found FCC Report No. DC-2571 issued on March 8, 1994. The biggest effect of the ruling is to mandate transport of CPN (customer provided number) information between interconnecting networks eliminating the effective inter-LATA-only limitation that exists today in most areas. Currently there are two types of Caller-ID. The first (often referred to as "basic" service) just returns the calling number or an error message and the date/time of the call. The second ("enhanced" Caller-ID) also may return the directory information about the calling number. At a minimum, the name of the subscriber is returned (the subscriber is not the same as the caller, the phone company has no way to determine who is actually on the line). 4) How is the Caller-ID information provided ? As a 1200 baud, 7 data bits, 1 stop bit data stream usually transmitted following the first and before the second ring signal on the line. Note that this is not a standard Bell 212 or CCITT v22 data format so a standard modem will probably not be able to receive it. Further, the serial information exists as such only from the recipient's switch to the callee's location. Between carriers the signal exists as data packets. The signal is provided before the circuit is complete: picking up the receiver before the data stream is finished will stop/corrupt the transmission. Currently there are two types of information returned: a "short form" which contains the date/time (telco and not local) of the call and the calling number or error message. The "long form" will also contain the name and possibly the address (directory information) of the calling phone. The "short form" stream consists of a set of null values, followed by a two byte prefix, followed by the DATE (Month/Day), TIME (24 hour format), and number including area code in ASCII, followed by a 2s compliment checksum. Most modems/caller id devices will format the data but the raw stream looks like this : 0412303232383134333434303735353537373737xx or (prefix)02281334407555777(checksum) A formatted output would look like this: Date - Feb 28 Time - 1:34 pm Number - (407)555-7777 5) Can a Caller-ID signal be forged/altered ? Since the signal is provided by the local Telco switch and the calling party's line is not connected until after the phone is answered, generally the signal cannot be altered from the distant end. Manipulation would have to take place either at the switch or on the called party's line. However, the foregoing applies only to a properly designed CNID unit. For instance the Motorola M145447 chip has a "power down" option that wakes the Chip up when the phone rings for just long enough to receive, process, and deliver the CNID signal after which it shuts down until the next call. Should this option be disabled, the chip will be in a "listen always" state and it is theoretically possible to "flood" a line making a vulnerable box record successive erroneous numbers. I have received a report of a device called "Presto Chango" that can transmit an extra ADSI modem tone after the call has been picked up that will cause a susceptible box to display the later information. It was also reported to me that CNID boxes marketed by US-West as their brand and made by CIDCO have been used to demonstrate the "Presto Chango" box. 6) What is "ID Blocking" ? Most Telco's providing Caller-ID have been required to also provide the ability for a calling party to suppress the Caller-ID signal. Generally this is done by pressing star-six-seven before making the call. In most cases this will block the next call only however some Telcos have decided to implement this in a bewildering array of methods. The best answer is to contact the service provider and get an answer in writing. Currently this is supplied as either by-call or by-line blocking. By-Call is preferred since the caller must consciously block the transmission on each call. By-Line blocking as currently implemented has the disadvantage that the caller, without having a second caller-id equipped line to use for checking, has no way of knowing if the last star-six-seven toggled blocking on or off. Note that blocking is provided by a "privacy" bit that is transmitted along with the CNID information and so is still available to the Telco switch, just not to the subscriber as a CNID signal. Consequently related services such as call trace, call return, & call block may still work. 7) What happens if a call is forwarded ? Generally, the number reported is that of the last phone to forward the call. Again there are some Telco differences so use the same precaution as in (6). If the forwarding is done by customer owned equipment there is no way of telling but will probably be the last calling number. Note that as specified, CNID is *supposed* to return the number of the originating caller but this is at the mercy of all forwarding devices, some of which may not be compliant. 8) What happens if I have two phone lines and a black box to do the forwarding ? If you have two phone lines or use a PBX with outdialing features, the reported number will be that of the last line to dial. Currently there is no way to tell a black box from a human holding two handsets together. 9) I called somebody from a company phone (555-1234) but their Caller-ID device reported 555-1000. Often a company with multiple trunks from the Telco and their own switch will report a generic number for all of the trunks. There is a defined protocol for PBXs to pass true CNID information on outgoing lines but it will be a long time before all existing COT (Customer Owned Telephone) equipment is upgraded to meet this standard unless they have a reason to do so. 10) I run a BBS. How can I use Caller-ID to authenticate/log callers ? There are two ways. The first utilizes a separate Caller-ID box with a serial cable or an internal card. This sends the information back to a PC which can then decide whether to answer the phone and what device should respond. Some of these are available which can handle multiple phone lines per card and multiple cards per PC. The second (and most common) is for the capability to be built in a modem or FAX/modem. While limited to a single line per modem, the information can be transmitted through the normal COM port to a program that again can decide whether or not to answer the phone and how. There is a FreeWare Caller-ID ASP script for Procomm Plus v2.x available for FTP from the Telecom archive. Most such software packages will also log each call as it is received and the action taken. Of course for true wizards, there are chips available (one of the first was the Motorola MC145447) that can recognize the CNID signal and transform it into a proper RS-232 (serial) signal. 11) How is security enhanced by using Caller-ID over a Call-Back service or one-time-passwords for dial-up access ? Caller-ID has one great advantage over any other mechanism for telephone lines. It allows the customer to decide *before* picking up the receiver, whether to answer the call. Consider hackers, crackers, and phreaks. Their goal in life is to forcibly penetrate electronic systems without permission (sounds like rape doesn't it ?). They employ demon dialers and "finger hacking" to discover responsive numbers, often checking every number in a 10,000 number exchange. If they get a response such as a modem tone, they have a target and will often spend days or weeks trying every possible combination of codes to get in. With Caller-ID answer selection, the miscreant will never get to the modem tone in the first place, yet for an authorized number, the tone will appear on the second ring. Previously the best solution for dial-ups was to set the modem to answer on the sixth ring (ats0=6). Few hackers will wait that long but it can also irritate customers. 12) What error messages will Caller-ID return ? a) "Out of Area" - (Telco) the call came from outside the Telco's service area and the Telco either has no available information or has chosen not to return what information it has. b) "Blocked" or "Private" - (Telco) the caller either has permanent call blocking enabled or has dialed star-six-seven for this call. You do not have to answer either. c) "Buffer Full" - (device manufacturer) there are many Caller-ID devices on the market and exactly how they have chosen to implement storage is up to the manufacturer. This probably means that the divide has a limited buffer space and the device is either losing the earliest call records or has stopped recording new calls. d) "Data Error" or "Data Error #x" - (device manufacturer) signal was received that was substandard in some way or for which the checksum did not match the contents. e) "No Data Sent" - (device manufacturer) Signal was received consisting entirely of nulls or with missing information but a proper checksum. 13) Why are so many people against Caller-ID ? FUD - Fear, Uncertainty, & Doubt or 10,000,000 lemmings can't be wrong. There were some justifiable concerns that some people (battered wives, undercover policemen) might be endangered or subject to harassment (doctors, lawyers, celebrities) by Caller-ID. As mentioned above there are several legitimate ways to either block Caller-ID or to have it return a different number. It is up to the caller. The advantage is that with Caller-ID, for the first time, the called party has the same "right of refusal". Expect yet another Telco service (at a slight additional charge) to be offered to return an office number for calls made from home. Crisis centers could return the number of the local police station. Compiled by Padgett Peterson. Constructive comments to: padgett@tccslr.dnet.mmc.com Brickbats >nul. Thanks for additional material to: David J. Kovan Robert Krten John Levine David G. Lewis Karl Voss %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% THE PENTIUM BUG WAR ENDS AS WE KNOW IT By James Baar and Theodore Baar The real long-term significance of the Great Intel Pentium Flaw Imbroglio is the imminent demise of the current practice of public relations and corporate and government communications as we know them. Ironically caught unaware of the communications world it helped create, Intel suffered a public relations near-disaster. Intel's arch competitor, IBM, wandered bubba-like into a public relations bog the future depths of which are still to be determined. Clearly we soon will see on the boneyard of history such communications artifacts as: --The lengthy, well-spun news release or official statement explaining what "really" happened or why a product "really" is a breakthrough for all mankind. --The news conference where the news is that what the media said yesterday or last week is "really" not the news at all. --The necessity to convince rushed and often ill-informed journalists and beautiful and much more ill-informed TV anchors that your truth is "really" true. The Internet is doing to public relations what CSPAN, CNN Forums and talk radio are doing to news coverage: When you are there, the messenger is extraneous. And, on the Internet, you are there and you are the messenger as well.. The Pentium Flaw War was the first major corporate war to be fought primarily in cyberspace. The initial, very scattered shots were fired more than five months ago on the Internet; major engagements got underway in October; and a worldwide battle raged through November and early December. Little of this was noted particularly in the general or trade media until near the end. And then it was reported as a highly technical problem of limited general interest. Only when IBM found it convenient to drop the equivalent of a small nuclear weapon did most of the major national media take note that something much more than an academic, technically obscure brawl was underway. Only then did the WALL STREET JOURNAL shout from it's front page: Chip Shot Computer Giants' War Over Flaw in Pentium Jolts the PC Industry And, on the same day, the NEW YORK TIMES shouted from it's front page: I.B.M. HALTS SALES OF IT'S COMPUTERS WITH FLAWED CHIP Both stories were inspired belatedly by an IBM announcement that it was suspending sales (sort of) of any of it's personal computers that included the Intel Pentium chip because the chip had a flaw. Well, ho-hum: Except for the IBM announcement, this was old news along the Information Highway. And the IBM announcement was immediately discounted by many of the veteran cyberspace combatants of the Pentium War as highly suspect: something similar to Parliament coming out against slavery in America after Lexington and Concord. Most great military engagements begin quite casually if not accidentally: A sniper picks off a poacher stealing a chicken. A nervous platoon leader calls in a little artillery fire on a bunker. A lost company stumbles on a tank column. Back in June, Intel and some of it's customers already knew about the bug that was preventing the new Pentium microprocessors to divide accurately out to more than nine or 10 decimal places in some cases. Intel did not publish the information. If any messages about the bug appeared here and there in various newsgroups on the Internet for the next few months, they initially attracted little attention. This was not the kind of consumer problem that causes a lot of excitement at your neighborhood 24-hour store. But this bug was of interest -- and in some cases importance to parts of the world technical community engaged in major mathematical calculations: This is a community that also appreciates that such a flaw is not the first nor will be the last in the increasing complexity of computer components and software; exalts technical openness; recognizes quickly when it is being stonewalled; and has a biting specialized sense of outrage and humor. Prof. Thomas Nicely of Lynchburg College reports that when he began running into a potential flaw in the Pentium in June he started a three month effort to determine whether the problem was the Pentium or something else. For example, his own calculations; or possibly known bugs in other hardware such as the Borland C Compiler. And in Copenhagen mathematicians developed a T-shirt satirizing the Intel chip logo "Intel Inside" as "No Intelligence Inside" and published memos saying "We knew about it early in June..." Intel managed to downplay and contain word of the bug for the most part through the next three months. Any callers were told at first that a fix was underway and that the bug affected only very special situations. Then, on Oct. 30, Dr. Nicely posted a message to "whom it may concern" on the Internet, reporting his findings and his frustrations with getting Intel to pay serious attention to him. In the succeeding weeks, the war between Intel and it's users exploded. Each day there were more reports about the bug and Intel's truculence. The number of the strings of messages on the Internet increased and grew longer as users at universities, laboratories and corporations around the world reported the same bug and it's potential variations; discussed their research for possibly more bugs; and reported on their unsatisfactory and frustrating phone calls to Intel. And here was where the war was really fought. Intel treated each caller as an individual, linear event to be dealt with in isolation; turned around or at least mollified. Intel's position was that this was a routine bug that was being taken care of and was of no major importance to most of it's customers. The Intel position essentially remained that there was no need for a general replacement on demand; that the problem was relatively minor; that if a user was engaged in the kind of heavy mathematics that could be affected by the bug then Intel, if it agreed, would replace a Pentium. Meantime, Intel and it's commercial allies continued to promote and sell Pentiums. More than four million Pentiums were reported sold. The words "greedy" and "arrogance" became popular on the Internet among customers describing Intel's position. The Internet discussion was highly technical and profane. It also included useful suggestions for broadening the discussion. For example, participants were provided with the Fax number of the New York Times. And more and more of the callers to Intel shared their mostly frustrating experiences on the Internet with a worldwide audience of customers. An angry mob -- slowly recognized as a major threat by Intel -- began to assemble in cyberspace Intel CEO Andrew Grove issued a statement on the Internet Nov. 27 seeking to quiet the mob. Instead the roar in cyberspace increased. Intel's Software Lab Technology Lab Director Richard Wirt on Dec. 8 issued a statement on the Internet describing Intel plans to provide a fix for the flaw. The roar continued and spread and Intel's weakening protests were increasingly drowned out as the users reinforced each other with new data and complaints around the clock around the world. It was at this point on Dec.12 that IBM -- a reported minor player in the sale of Pentiums, but the developer of a competitive chip, the PowerPC -- decided to announce both on the Internet and to the major national media the halting of it's shipments of Pentium-based IBM PCs. The war was now spread to the major national media where the problem was easily confused with various consumer product recalls and the Internet where IBM's move was both discounted as self-serving and used simultaneously to pummel Intel further. By Dec. 20 Intel had had enough. It agreed to a general recall and apologized for not doing so sooner. The public relations lessons are clear. People -- particularly customers -- are no longer isolated waiting to learn sooner or later what is happening through the third party media screen and, in turn, relying on the third party media to screen and sooner or later report their reaction. Even when the third party media is accurate this process can take many days. Through the Internet, people -- particularly customers -- can tell a corporation or organization exactly what they think and why and share that simultaneously and instantaneously with all concerned around the world. The Internet returns the world to the agora where everyone hears what was said; and everyone hears all comments and reactions; everyone knows who is talking and can make credibility judgments. The first Intel error was not to spot the issue stirring on the Internet months ago when the commentary was helpful and understanding. At that time and for several months later, Internet commentators could have been embraced and thanked for their efforts; immediate plans for a work-around fix could have been disclosed; and work on a permanent fix could have been described: all in cyberspace among sophisticated customers who well understand the complex nature of the technology. Intel's second error was not to recognize that because of the Internet it no longer could reason at least semi-privately with customers and advance rational technical arguments. In pre-cyberspace days, that could be effective: the customer is grudgingly mollified until the issue is eventually resolved. But in this case, as it's customers shared both their problems and experiences with each other in real time, they fed each others frustrations; were empowered as a group to demand better treatment; and built mutual strength with each day for new battles to come. Intel's third error was not to go directly on line with it's customers and deal with the issue interactively. Instead, Intel pursued the classic static public relations mode of issuing statements and news releases. These were turned into blackened ruins by Internet flame messages in a matter of hours. Meantime, IBM by it's announcement, uncorked the Law of Unanticipated Consequences. The Internet mob really understood the issue; the general public for the most part did not. IBM, with motives already under suspicion, opened the bottle labeled "Doubt about Technology" to the overall potential future detriment of the Information Technology Industry in general. As more people around the world join the millions already using the Internet for communications, corporations and government will be forced if they wish to succeed to function within the new realities of cyberspace: information is shared and sifted by thousands of knowledgeable people; time is collapsed; facts are quickly checked; loss of credibility can be instantaneous; second chances are rare and harder to effect; grandstand plays better be perfect; and the playing off of one audience against another is far more easily detected. Above all else, a smattering of obscure messages or even a random one or two can no longer be automatically disregarded as mere technical mumbling. For example, is anyone following up on a recent Internet potential bug message regarding AMD DX-80 chips or another regarding "something about a conditional loop" in the Pentium? One final cyberspace reality of note: instant corrosive humor is abundant and effective. (If they really are laughing about you, you can't be taken seriously anymore.) This was ably demonstrated by the Internet author who wrote for the delectation of Intel customers and potential customers everywhere a Star Trek parody. He called it: "BBUUGGS IINN SSPPAACCEE!!". (This article is from a forthcoming issue of Knowledge Tools News, an electronic newsletter of Omegacom, Inc. James Baar (jimbar@omegacom.com) is president/managing consultant. Theodore Baar (tedbar@omegacom.com.) is vice president/chief technologist.) ----------- Copyright (c) 1994 Omegacom, Inc., all rights reserved. This article may be posted to any USENET newsgroup, on-line service, or BBS as long as it is posted in it's entirety and includes this copyright statement. All other rights reserved. This article may not be included in commercial collections or compilations without express permission from Omegacom, Inc. jimbar@omegacom.com. For all other uses you must seek permission of Omegacom, Inc. jimbar@omegacom.com %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% NON-DISCLOSURE AGREEMENT OF DR. NICELY The following message was posted to the Internet by Dr. Thomas Nicely, discover of the Pentium Floating Point Unit Flaw. The first part deals with a question regarding Dr. Nicely's signing of a non-disclosure agreement with Intel. TO: Whomever It May Concern FROM: Dr. Thomas R. Nicely, Lynchburg College, Lynchburg, Virginia (nicely@acavax.lynchburg.edu) RE: Pentium Bug and Intel NDA DATE: 94.11.25.1400 EST This is in reply to Paul Rubin's (phr@netcom.com) inquiry of 23 November. * I signed a temporary nondisclosure agreement with Intel on 10 November. * There was no coercion or threat of any kind, by either party. * The NDA was signed in the course of discussions to determine whether or not an agreement (such as a consultancy) could be reached which would prove beneficial in the long term to myself, to the Intel Corporation, and to my employer, Lynchburg College. * From 10 November until 22 November, I deflected all inquiries regarding the Pentium FPU to Intel's representatives. This was a consequence of my own mistaken interpretation of the NDA; I was treating it in the manner of a security clearance; I once held a clearance for secret restricted data in X-division (nuclear weapon design and analysis) at Los Alamos National Laboratory, and that clearance treated most information concerned as "born secret," even if the information was acquired prior to the clearance and/or independently. In the same spirit, I removed from the College's VAX anonymous FTP directory copies of the codes used to analyze the Pentium chip for the bug. * After receiving some complaints in this regard, Intel (on its own initiative) informed me on 22 November that I was free to discuss publicly the discovery and nature of the Pentium FPU bug, since this was my own work, accomplished prior to signing the NDA and without assistance from Intel; and that the primary purpose of the NDA was to insure confidentiality of information exchanged in the course of any consulting I might do for Intel in the future. * To this date, Intel has been most cooperative in alleviating difficulties caused for my own research (computational number theory; distribution of twin primes and other constellations, and the sums of their reciprocals) by the presence of the bug. They have shipped replacement chips for the CPUs in the machines I am using, and I have verified that the new chips are free of the bug (zero errors in > 1e15 simulated random divisions). * I cannot speak for Intel regarding its policies on CPU replacement for Pentium systems having the bug; that is a management decision which obviously must take into account the constraints of supply, inventory, logistics, expense, and public relations. To date, I believe Intel has handled the affair in essentially the manner that could usually be expected of most businesses operating in a highly competitive, low-margin capitalistic economy. Any Pentium owner who feels the need for a replacement CPU should contact Intel Customer Service and Tech Support at 800-628-8686, or Intel representative John Thompson at 408-765-1279. * I probably have a somewhat different perspective on the bug than most users. It is my opinion that the current generation of microprocessors (and possibly all of them since, say, the 8080) has become so complex that it is no longer possible to completely debug them, or even to determine every bug that exists in one. Thus, the discovery of this particular bug should not be any great surprise. There have been many well-publicized bugs in the past (e.g., the 32-bit multiply bug in the early 80386s, the arctangent bug in the early 80486s, the stack-handling bug in the early 8088s, and the Motorola 68K revision F bug). Furthermore, in view of this, all mission-critical computations should be performed multiple times, in settings as independent as possible--- preferably with different CPUs, operating systems, and software algorithms. Where different platforms are not available, the same computation should be performed using algorithms as independent as possible; this was in fact how I pinpointed the Pentium bug---the sums of the reciprocals of the twin primes were being done in both long double floating point (64 significant bits) and in extended precision using arrays of integers (26 decimal digits at that time, 53 decimal digits currently). Dual calculations were also being run on 486 and Pentium systems. * Note that the bug can be temporarily circumvented by locking out the FPU. For most DOS applications, this can be done by means of the DOS commands SET 87=NO (for executables created by Borland compilers) and SET NO87=NO87 (for executables created by Microsoft compilers). Of course, this is at best a performance-killing band-aid; some applications require an FPU, while Windows and most DOS extenders ignore these environmental variables. In theory, it should be possible to write a fairly short (100 lines?) utility code which enters protected mode (ring 0), sets up a valid global descriptor table (and perhaps a valid interrupt descriptor table), resets the emulation bit in the machine status word of control register 0, and then re-enters real mode. Running such a code at boot time should lock out the FPU even for Windows and DOS extended applications; a similar code could reactivate the FPU at will. Unfortunately, I haven't had the time to write the code yet! * To date, my analysis indicates that the bug will appear in about 1 in 31 billion random divisions and 1 in 1.26 billion random reciprocals. These figures are similar to the rate of 1 in 9.5 billion attributed to Intel. In my own application (distribution of twin primes and the sum of their reciprocals) no error appeared for values < 824e9. Most users will find these values reassuring; those of us doing computational number theory, chaos theory, or analysis of ill-conditioned matrices may still want a new, bug-free CPU. * To date, the worst-case error of which I am aware is an example apparently posted by Tim Coe of Vitesse Semiconductors on 14 November, indicating that the quotient 4195835.0/3145727.0 is returned correctly to only 14 significant bits (5 significant decimal digits). I have not yet had a chance to verify this example. * Copies of some of the codes I have used to analyze the bug (updated to reflect later developments) will be restored to the anonymous FTP directory [anonymous.nicely.pentbug] of Lynchburg College's VAX server (machine ID acavax.lynchburg.edu) as soon as I get time to update and post them. * Feel free to transmit this communication as you wish. Sincerely, Dr. Thomas R. Nicely %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% THE COMPUTER NEVERMORE (The Raven) By Unknown Once upon a midnight dreary, fingers cramped and vision bleary, System manuals piled high and wasted paper on the floor Longing for the warmth of bedsheets, Still I sat there, doing spreadsheets; Having reached the bottom line, I took a floppy from the drawer. Typing with a steady hand, then invoked the SAVE command But I got a reprimand: it read 'Abort, Retry, Ignore.' Was this some occult illusion? Some maniacal intrusion? These were choices Solomon himself had never faced before. Carefully, I weighed my options. These three seemed to be the top ones. Clearly I must now adopt one: Choose 'Abort, Retry, Ignore.' With my fingers pale and trembling, Slowly toward the keyboard bending, Longing for a happy ending, hoping all would be restored, Praying for some guarantee Finally I pressed a key-- But on the screen what did I see? Again: 'Abort, Retry, Ignore.' I tried to catch the chips off-guard-- I pressed again, but twice as hard. Luck was just not in the cards. I saw what I had seen before. Now I typed in desperation Trying random combinations Still there came the incantation: Choose: 'Abort, Retry, Ignore.' There I sat, distraught exhausted, by my own machine accosted Getting up I turned away and paced across the office floor. And then I saw an awful sight: A bold and blinding flash of light-- A lightning bolt had cut the night and shook me to my very core. I saw the screen collapse and die 'Oh no--my data base,' I cried I thought I heard a voice reply, 'You'll see your data Nevermore!' To this day I do not know The place to which lost data goes I bet it goes to heaven where the angels have it stored But as for productivity, well I fear that IT goes straight to hell And that Us the tale I have to tell Your choice: 'Abort, Retry, Ignore.' %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% TWAS THE NIGHT BEFORE STAR TREK... 'Twas the night before Christmas, when all through the ship Not a circuit was buzzing, not one microchip; The phasers were hung in the armory securely, In hope that no alien would get up that early. The crewmen were nestled all snug in their bunks (Except for the few who were partying drunks); And Picard in his nightshirt, and Bev in her lace, Had just settled down for a neat face to face... When out in the hall there arose such a racket, That we leapt from our beds, pulling on pant and jacket. Away to the lifts we all shot like a gun, Leapt into the cars and yelled loudly "Deck One!" The bridge red-alert lights, which flashed through the din, Gave a lustre of Hades to objects within. When, what on the viewscreen, our eyes should behold, But a weird kind of sleigh, and some guy who looked old. But the glint in his eyes was so strange and askew, That we knew in a moment it had to be Q. His sleigh grew much larger as closer he came. Then he zapped on the bridge and addressed us by name: "It's Riker, It's Data, It's Worf and Jean-Luc! It's Geordi, And Wesley, the genetic fluke! To the top of the bridge, to the top of the hall! Now float away! Float away! Float away all!" As leaves in the autumn are whisked off the street, So the floor of the bridge came away from our feet, And up to the ceiling, our bodies they flew, As the captain called out, "What the Hell is this, Q?!" The prankster just laughed and expanded his grin, And, snapping his fingers, he vanished again. As we took in our plight, and were looking around, The spell was removed, and we crashed to the ground. Then Q, dressed in fur from his head to his toe, Appeared once again, to continue the show. "That's enough!" cried the captain, "You'll stop this at once!" And Riker said, "Worf, take aim at this dunce!" "I'm deeply offended, Jean-Luc" replied Q, "I just wanted to celebrate Christmas with you." As we scoffed at his words, he produced a large sack. He dumped out the contents and took a step back. "I've brought gifts," he said, "just to show I'm sincere. There's something delightful for everyone here." He sat on the floor, and dug into his pile, And handed out gifts with his most charming smile: "For Counselor Troi, there's no need to explain. Here's Tylenol-Beta for all of your pain. For Worf I've some mints, as his breath's not too great, And for Geordi LaForge, an inflatable date." For Wesley, some hormones, and Clearasil-plus; For Data, a joke book, For Riker a truss. For Beverly Crusher, there's sleek lingerie, And for Jean-Luc, the thrill of just seeing her that way." And he sprang to his feet with that grin on his face And, clapping his hands, disappeared into space. But we heard him exclaim as he dwindled from sight, "Merry Christmas to all, and to all a good flight!" %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% SANTA SOURCE CODE By Unknown #bash better !pout !cry better watchout lpr why santa claus town cat /etc/passwd >list ncheck list ncheck list cat list | grep naughty >nogiftlist cat list | grep nice >giftlist santa claus town who | grep sleeping who | grep awake who | egrep 'bag|good' for (goodnes sake) { be good } better !pout !cry better watchout lpr why santa claus town [original source unknown] %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%----------------- MY LIFE AS AN INTERNATIONAL ARMS COURIER By Matt Blaze (mab@research.att.com) Under an obscure provision of US law, devices and computer programs that use encryption techniques to hide information from prying eyes and ears are considered ``munitions'' and subject to the same rules that govern the international arms trade. In particular, taking such items out of this country requires the approval of the State Department, which decides whether exporting something might endanger national security. In the past, these restrictions were of little concern to the average citizen; encryption found most of its application in military and diplomatic communications equipment. Today, however, growing concern over electronic fraud and privacy means that encryption techniques are starting to find their way into more conventional commercial products like laptop computers and portable phones. Mostly to find out what the process was like, I recently applied for a temporary export license for a portable telephone encryption product that I wanted to take with me on a business trip to England and Belgium. The item in question is more properly called a ``telephone security device.'' This is a little box that scrambles telephone conversations to protect them against eavesdroppers; this sort of protection is sometimes important when discussing confidential business matters from faraway places. The particular model I bought was already approved for export; it employs a cipher algorithm that the government has already decided is not a threat to national security even should it fall into the hands of some rogue government. This model is aimed primarily, I presume, at international business travelers who want to communicate in a reasonably secure manner with their home offices in the states. In other words, a typical user buys two of them, leaving one at the home office and carrying the other when traveling abroad. The options that came with my device included a James Bond-ish looking acoustic coupler and handset to facilitate its connection to the hardwired phones that are still common in European hotel rooms. It turns out that there was recently some discussion in the government about exempting products like my secure phone from the licensing paperwork requirements. Unfortunately, however, this exemption never actually took effect. So even though the device I had was already approved for sale abroad, I still needed to get a temporary export license before I could take it with me. But I was assured that ``this is an easy, routine process''. Well, sure enough, about two weeks before I was to leave I got back my official US State Department ``license for the temporary export of unclassified defense articles''. So far, so good. From what I was able to figure out by reading the license (and having a few conversations with an export lawyer), I'm required to leave from an international airport with a Customs agent present (no problem there, although Customs is geared to arriving, rather than departing, travelers). At the airport, I'm supposed to fill out a form called a ``shipper's export declaration'' (SED) on which I have to declare that ``these commodities are authorized by the US government for export only to Belgium and the United Kingdom. They may not be resold, transshipped, or otherwise disposed of in any country, either in their original form or incorporated into other end-items without the prior written approval of the US Department of State''. Then I'm to present the SED and export license to a Customs official at the airport before I leave. The Customs officer is supposed to take my SED and endorse my license to show what I'm actually taking out of the country. On the way back in, I'm supposed to ``declare'' my item at Customs (even though it was manufactured in the US) and show them my license, and they're supposed to endorse the license again as proof that I have, in fact, returned the ``defense article'' to the safety of the United States. The first hitch I ran into was that no one could actually tell me where I could get an SED form. But when I called Customs they assured me that this was no big deal. ``Just come by when you get to the airport and we stamp the license. I guess you can just fill out the SED there,'' they said. I made sure to get to the airport early anyway. Although there was moderately heavy traffic near the airport, I made it to JFK two and a half hours before my 10pm flight. I was flying United, which has their own terminal at JFK, so Customs has an office right there in the same building from which I was to depart (JFK is awful to get around, so I was glad for this). I checked in for my flight (and got upgraded to first class, which bolstered my expectation that everything was going to be really easy from here on). Then, luggage, license and phone in hand, I made my way downstairs to Customs, expecting to fill out the SED form and ``just have my license stamped'' as they had assured me earlier on the telephone. I explained my situation to the security guard who controls entry to the Customs area, and he led me to ``the back office'' without much argument or delay. The head uniformed Customs guy in the back office (which I think is same office where they take the people suspected of being ``drug mules'' with cocaine-filled condoms in their stomaches) looked approachable enough. He had a sort of kindly, grandfatherly manner, and he was playing a video game on a laptop computer. I got the impression that most of the people he encounters are suspected drug smugglers, and he seemed pleased enough to be dealing with something a little different from the norm. When I explained what I was doing he looked at me as if I had just announced that I was a citizen of Mars who hadn't even bothered to obtain a visa. He explained, carefully, that a) I really do need the SED form; b) not only that, I should have already filled it out, in duplicate; c) he doesn't have blank SED forms; d) he, like everyone else in the entire US government that I had spoken to, has no idea where one gets them from, but people must get them from somewhere; and e) it doesn't really matter, because I'm in the wrong place anyway. I asked him where the right place is. ``The cargo building, of course,'' he told me, patiently. I remembered the cargo building because I passed it in the taxi just as the traffic jam began, about half an hour before I got to the United terminal. The airport shuttle bus doesn't stop there. I'd have to call a taxi. ``But I think they're closed now, and even if they were open you'd never make it before your flight'' he helpfully added, saving me the trip. He also complemented me for going to the trouble to get the license. I must have looked hurt and confused. Eventually he called in some fellow in a suit who I presume to have been his boss. ``Are you the guy who wants to export the fancy gun?'' the fellow in the suit asked me. ``It's not a gun, it's a telephone,'' I responded, with a straight face. ``Why do you have a license to export a telephone?'' Good question, I thought. I explained about the export law and showed him the thing. He agreed that it looked pretty harmless. The fellow in the suit reiterated points a through e almost verbatim (do they rehearse for these things?) and explained that this isn't really their department, since my license was issued by the State Department, not Customs, and my situation doesn't come up very often because exports usually go via the cargo building. He'd love to help me, but the computer in which these things get entered is over in Cargo. ``That's how the records get made. But you do have a valid license, which is nice.'' He also suggested that I would have had an easier time had I shipped the device instead of carrying it with me. I asked what I should do, given that my plane was scheduled to leave in less than an hour. Neither was sure, but the fellow in the suit seemed willing leave it to the discretion of the uniformed guy. ``How does this thing work, anyway?'' he asked. I explained as best as I could, trying to make it sound as harmless as it is. ``You mean like that Clipper chip?'' he asked. At this point, given that he has a computer and knows something about the Clipper chip, I figured that maybe there was some hope of making my flight. Or maybe I was about to spend the night in jail. In my mind, I put it at about a 90:10 hope:jail ratio. Then he asked, ``Do you know about this stuff?'' So we chatted about computers and cryptography for a while. Finally, the two of them decided that it wouldn't really hurt for them to just sign the form as long as I promised to call my lawyer and get the SED situation straightened out ASAP. They assured me that I won't be arrested or have any other trouble upon my return. I made my flight, validated license in hand. An aside: Throughout my trip, I discovered an interesting thing about the phone and the various options I was carrying with it. Under X-ray examination, it looks just like some kind of bomb. (I suspect it was the coiled handset cords). Every time I went through a security checkpoint, I had to dig the thing out of my luggage and show it to the guard. I almost missed the new ``Eurostar'' chunnel train (3hrs 15mins nonstop from London to Brussels, airport-style check-in and security) as the guards were trying to figure out whether my telephone was likely to explode. Coming back to the US was less eventful, though it did take me an extra hour or so to get through Customs. Expecting a bit of a hassle I didn't check any luggage and made sure to be the first person from my flight to reach the Customs line. The inspector was ready to wordlessly accept my declaration form and send me on my way when I opened my mouth and explained that I needed to get an export license stamped. That was obviously a new one for him. He finally decided that this had to be handled by something called the ``Ships Office''. I was sent to an unoccupied back room (a different back room from before) and told to wait. I thought about the recent Customs experiences of Phil Zimmermann. (Zimmermann, the author of a popular computer encryption program, was recently detained, questioned and searched by Customs officials investigating whether he violated the same regulations I was trying so hard to follow.) After about half an hour, an officer came in and asked me what I needed. I explained about my export license that had to be endorsed. She just shrugged and told me that she had to ``process the flight'' first. As best as I could tell, her job was to clear the airplane itself through Customs, that being, technically speaking, a very expensive import. It would take a little while. She was pleasant enough, though, and at least didn't look at me as if she intended to send me to jail or have me strip searched. Finally, she finished with the plane and asked me for my form. She studied it carefully, obviously never having seen one before, and eventually asked me what, exactly, she was supposed to do. I explained that I had never actually gone through this process before but I understood that she's supposed to record the fact that I was re-importing the device and stamp my license somewhere. She told me that she didn't know of any place for her to record this. After some discussion, we agreed that the best thing to do was to make a Xerox copy of my license and arrange for it to go wherever it had to go later. She stamped the back of the license and sent me on my way. It was a little over an hour after I first reached the Customs desk. My conclusion from all this is that it just isn't possible for an individual traveler to follow all the rules. Even having gone through the process now, I still have no idea how to obtain, let alone file, the proper forms, even for a device that's already been determined to be exportable. The export of export-controlled items is ordinarily handled by cargo shipment, not by hand carrying by travelers, and the system is simply not geared to deal with exceptions. Technically speaking, everyone with a laptop disk encryption program who travels abroad is in violation of the law, but since no one actually knows or checks, no mechanism exists to deal with those who want to follow the rules. While (fortunately) everyone I dealt with was sympathetic, no one in the government who I spoke with was able to actually help me follow the rules. I was permitted to leave and come back only because everyone involved eventually recognized that my telephone was pretty harmless, that my intentions were good, and that the best thing to do was be flexible. If anyone had taken a hard line and tried to enforce the letter of the law, I simply wouldn't have been able to take the thing with me, even with my license. Had I just put my telephone in my suitcase without telling anyone instead of calling attention to myself by trying to follow the rules, chances are no one would have noticed or cared. Unfortunately, however, these absurd rules carry the full force of law, and one ignores them only at the risk of being prosecuted for international arms trafficking. While it may seem far-fetched to imagine US citizens prosecuted as arms smugglers simply for carrying ordinary business products in their luggage, the law as written allows the government to do just that. At the same time, anyone who is aware of and who tries to follow the regulations is made to jump through pointless hoops that are so obscure that even the people charged with enforcing them don't know quite what to make of them. Copyright 1995 by Matt Blaze. All rights reserved. Electronic redistribution permitted provided this article is reproduced in its entirety. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% OPEN LETTER TO WIRED MAGAZINE By Chris Goggans (phrack@well.sf.ca.us) To Whom It May Concern: I am writing this under the assumption that the editorial staff at Wired will "forget" to print it in the upcoming issue, so I am also posting it on every relevant newsgroup and online discussion forum that I can think of. When I first read your piece "Gang War In Cyberspace" I nearly choked on my own stomach bile. The whole tone of this piece was so far removed from reality that I found myself questioning what color the sky must be in Wired's universe. Not that I've come to expect any better from Wired. Your magazine, which could have had the potential to actually do something, has become a parody...a politically correct art-school project that consistently falls short of telling the whole story or making a solid point. (Just another example of Kapor-Kash that ends up letting everyone down.) I did however expect more from Josh Quittner. I find it interesting that so much emphasis can be placed on an issue of supposed racial slurs as the focus of an imaginary "gang war," especially so many years after the fact. It's also interesting to me that people keep overlooking the fact that one of the first few members of our own little Legion of Doom was black (Paul Muad'dib.) Maybe if he had not died a few years back that wouldn't be so quickly forgotten. (Not that it makes a BIT of difference what color a hacker is as long as he or she has a brain and a modem, or these days at least a modem.) I also find it interesting that a magazine can so easily implicate someone as the originator of the so-called "fighting words" that allegedly sparked this online-battle, without even giving a second thought as to the damage that this may do to the person so named. One would think that a magazine would have more journalistic integrity than that (but then again, this IS Wired, and political correctness sells magazines and satisfies advertisers.) Thankfully, I'll only have to endure one month of the "Gee Chris, did you know you were a racist redneck?" phone calls. It's further odd that someone characterized as so sensitive to insults allegedly uttered on a party-line could have kept the company he did. Strangely enough, Quittner left out all mention of the MOD member who called himself "SuperNigger." Surely, John Lee must have taken umbrage to an upper-middle class man of Hebrew descent so shamefully mocking him and his entire race, wouldn't he? Certainly he wouldn't associate in any way with someone like that...especially be in the same group with, hang out with, and work on hacking projects with, would he? Please, of course he would, and he did. (And perhaps he still does...) The whole "racial issue" was a NON-ISSUE. However, such things make exciting copy and garner many column inches so keep being rehashed. In fact, several years back when the issue first came up, the statement was cited as being either "Hang up, you nigger," or "Hey, SuperNigger," but no one was sure which was actually said. Funny how the wording changes to fit the slant of the "journalist" over time, isn't it? I wish I could say for certain which was actually spoken, but alas, I was not privy to such things. Despite the hobby I supposedly so enjoyed according to Quittner, "doing conference bridges," I abhorred the things. We used to refer to them as "Multi-Loser Youps" (multi-user loops) and called their denizens "Bridge Bunnies." The bridge referred to in the story was popularized by the callers of the 5A BBS in Houston, Texas. (A bulletin board, that I never even got the chance to call, as I had recently been raided by the Secret Service and had no computer.) Many people from Texas did call the BBS, however, and subsequently used the bridge, but so did people from Florida, Arizona, Michigan, New York and Louisiana. And as numbers do in the underground, word of a new place to hang out caused it to propagate rapidly. To make any implications that such things were strictly a New York versus Texas issue is ludicrous, and again simply goes to show that a "journalist" was looking for more points to add to his (or her) particular angle. This is not to say that I did not have problems with any of the people who were in MOD. At the time I still harbored strong feelings towards Phiber Optik for the NYNEX-Infopath swindle, but that was about it. And that was YEARS ago. (Even I don't harbor a grudge that long.) Even the dozen or so annoying phone calls I received in late 1990 and early 1991 did little to evoke "a declaration of war." Like many people, I know how to forward my calls, or unplug the phone. Amazing how technology works, isn't it? Those prank calls also had about as much to do with the formation of Comsec as bubble-gum had to do with the discovery of nuclear fission. (I'm sure if you really put some brain power to it, and consulted Robert Anton Wilson, you could find some relationships.) At the risk of sounding glib, we could have cared less about hackers at Comsec. If there were no hackers, or computer criminals, there would be no need for computer security consultants. Besides, hackers account for so little in the real picture of computer crime, that their existence is more annoyance than something to actually fear. However, when those same hackers crossed the line and began tapping our phone lines, we were more than glad to go after them. This is one of my only rules of action: do whatever you want to anyone else, but mess with me and my livelihood and I will devote every ounce of my being to paying you back. That is exactly what we did. This is not to say that we were the only people from the computer underground who went to various law enforcement agencies with information about MOD and their antics. In fact, the number of hackers who did was staggering, especially when you consider the usual anarchy of the underground. None of these other people ever get mentioned and those of us at Comsec always take the lead role as the "narks," but we were far from alone. MOD managed to alienate the vast majority of the computer underground, and people reacted. All in all, both in this piece, and in the book itself, "MOD, The Gang That Ruled Cyberspace," Quittner has managed to paint a far too apologetic piece about a group of people who cared so very little about the networks they played in and the people who live there. In the last 15 years that I've been skulking around online, people in the community have always tended to treat each other and the computers systems they voyeured with a great deal of care and respect. MOD was one of the first true examples of a groupthink exercise in hacker sociopathy. Selling long distance codes, selling credit card numbers, destroying systems and harassing innocent people is not acceptable behavior among ANY group, even the computer underground. There have always been ego flares and group rivalries in the underground, and there always will be. The Legion of Doom itself was FOUNDED because of a spat between its founder (Lex Luthor) and members of a group called The Knights of Shadow. These rivalries keep things interesting, and keep the community moving forward, always seeking the newest bit of information in a series of healthy one-upsmanship. MOD was different. They took things too far against everyone, not just against two people in Texas. I certainly don't condemn everyone in the group. I don't even know a number of them (electronically or otherwise.) I honestly believe that Mark Abene (Phiber) and Paul Stira (Scorpion) got royally screwed while the group's two biggest criminals, Julio Fernandez (Outlaw) and Allen Wilson (Wing), rolled over on everyone else and walked away free and clear. This is repulsive when you find out that Wing in particular has gone on to be implicated in more damage to the Internet (as Posse and ILF) than anyone in the history of the computing. This I find truly disgusting, and hope that the Secret Service are proud of themselves. Imagine if I wrote a piece about the terrible treatment of a poor prisoner in Wisconsin who was bludgeoned to death by other inmates while guards looked away. Imagine if I tried to explain the fact that poor Jeff Dahmer was provoked to murder and cannibalism by the mocking of adolescent boys who teased and called him a faggot. How would you feel if I tried to convince you that we should look upon him with pity and think of him as a misunderstood political prisoner? You would probably feel about how I do about Quittner's story. 'Hacker' can just as easily be applied to "journalists" too, and with this piece Quittner has joined the Hack Journalist Hall of Fame, taking his place right next to Richard Sandza. Quittner did get a few things right. I do have a big cat named Spud, I do work at a computer company and I do sell fantastic t-shirts. Buy some. With Love, Chris Goggans aka Erik Bloodaxe %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% WHEN BIGOTRY OUTPACES TECHNOLOGY By Douglas Welch dewelch@pop.com Previously published in the Los Angeles Times, Monday, December 19, 1994. Page B15 Note: Electronic re-posting is ALLOWED but NO PAPER REPRINTS or inclusion in online digests without written permission from the author. All postings must retain this notice. Copyright (c) 1994 Douglas E. Welch dewelch@pop.com 76625,3301 * Communications: We need to attack the message, not the modem, to ensure on-line services are free from censorship. As each new technology marches onto the scene, there are some who instantly blame all the ills of society on it. Groups calling for the censorship of computer networks are forgetting that it is not the technology that is causing the problem, but the people using the technology. Instead of targeting the authors of hate speech on the computer networks, they are targeting the networks themselves. This only reinforces the immediate need for on-line computer services to be protected by the federal government as "common carriers," like telephone utilities. Hatemongers and bigots have always been a part of human society. Through ignorance and bullying, they gather their flock, but it is through open debate, education and reasoned discourse that they are best confronted. Instead, professed anti-hate groups are attacking the providers of on-line services in an effort to force them to remove offensive messages or prevent their posting. Rather than using the technology to fight back and denounce hate speech, they are seeking to remove the freedom of speech altogether. Were the situation reversed, I am sure you would hear them decrying the evils of censorship as loudly as they call for it now. Telephone companies cannot be sued when offensive or illegal calls are placed through their systems. On-line services deserve the same kind of "common carrier" status. There is no reason on-line services should have to be both provider and policeman. This places them in danger of being a censor. On-line users have several simpler options. They can merely ignore the message with the press of a key or set their "kill file" to ignore messages of certain content or from a certain user. Ultimately, on-line services provide users the chance to engage these hatemongers in a forum free of physical threat with hopes of liberating their narrow focus. The immediacy of posting a response can only be found in the on-line world. On-line services are no passing fad. they are rapidly gaining popularity on par with telephone and fax service. We need to stop treating on-line services like something new and ensure that they are free from censorship pressures. Censorship has always been defined as a "slipperly slope" that can easily lead to a repression of ideas and a lower quality of life. Whether we communicate via paper, phone lines or on-line computer services, our freedom of speech should be protected. Hate groups should be targeted for their messages, not how they send them. Douglas E. Welch is a computer consultant. He can be reached at dewelch@pop.com. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% LETTER FROM STEVE CASE; RE: CHILD PORN ON AOL By Steve Case Ever since we first launched America Online we've remained committed to fostering an electronic community that provides a fun, enjoyable and enriching experience for all members. We've asked our members to honor the privilege of interactivity, and we've strictly enforced our Terms of Service to help foster the kind of community of which we can all be proud. Recently, however, some material has been brought to our attention by some of our members which involves illegal activity -- the trading of images in electronic mail which appear to be child pornography. Upon receiving the material, and verifying that it was a violation of our Terms of Service, and in all likelihood illegal, we immediately contacted the FBI and terminated the accounts of the senders. While we recognize that any community around the United States with more than 1.5 million citizens will have its share of illegal activity, we were nonetheless disheartened to find that some members are abusing the communications features of AOL in this way. We simply will not tolerate such illegal activity on America Online. To anyone who may be using America Online for illegal purposes, be advised that we will terminate the accounts of those participating and we will notify the proper authorities of any illegal activity that is brought to our attention. Our policy is that all private communications -- including e-mail, instant messages, and private chat rooms -- are strictly private. We do not, will not, and legally cannot monitor any private communications. But if we are alerted to a potential offense and we are sent evidence, as we were recently, we will vigorously pursue the matter. In this case, electronic mail was forwarded to our attention by our members, and as recipients of the mail we were able to turn the material over to the authorities. We have over 250 people who help us provide assistance in the public areas of the service and give guidance to members who are new or who have questions. Of late, we've had a growing problem with member-created rooms whose title and discussion violate our Terms of Service. Member-created rooms have always been a unique and much-valued aspect of America Online. Often, these rooms provide the seeds for new special interest forums that later emerge. But as more members abuse the privilege and establish rooms that suggest illegal activity, or detract from the enjoyment of others with offensive titles, we are faced with looking at a higher level of safeguards as it relates to member-created rooms. We simply cannot keep up with the sheer volume of rooms created, and as a result, from time to time rooms that violate TOS remain open for some period of time. We're looking at several alternatives to improve the situation. We don't want to see our members denied the privilege of this fun and creative interactive environment due to the abuses of a few, but at the same time we do feel some action is warranted to safeguard this popular "neighborhood" in our community. Unfortunately, this is not the first time we have encountered this problem, nor is it unique to AOL. In 1991, we were faced with a similar situation. At that time, we went to our members -- as we're doing now -- advised them of the situation and asked for their help. And recently, recognizing the potential for abuses in this emerging medium, online service providers banded together to sponsor a "child safety" brochure that gives parents tips and guidelines to foster a productive and safe environment for children online. A copy of this brochure can be found in the Parents Information Center, keyword: Parents. We encourage parents to take the time to review it. In addition we strongly encourage parents to monitor their children's use of this medium, much as they would any other medium such as television, magazines, etc. We've also implemented "parental controls" which allow parents to restrict their children's online access. Each one of us needs to respect and honor the privileges of this electronic community. If you haven't reviewed our Terms of Service, take a few minutes now and do so. If you observe what you believe may be illegal activity on AOL, bring it to our attention. The problem is not widespread -- we believe only a mere fraction of this community is involved. Let's work together to insure that America Online remains the kind of community that you want your friends and family to enjoy. Thanks for your continued support. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%----------------- LEE HARVEY OSWALD DIED FOR YOUR SINS By Gordon Fagan, Conspiracy Editor (flyer@io.com) With all the hubbub over the OJ Simpson trial currently getting under way, I thought it would be a good idea to get people to rethink their conception of what justice is about in another matter. Where there was no trial, not even real charges - just accusations, a bullet and 30+ years of government approved postmortem derision as an insane killer. We've all seen the movie JFK which is probably more than most of you want to hear on the subject in the first place, so I'll just leave each of you - in particular, those who have no interest in the JFK assassination conspiracy but can't get enough of that OJ, with the following... It has been said that the American people are the only jury that Lee Harvey Oswald will ever have. It is our responsibility, then, to examine with utmost care and objectivity the evidence for and against him, and to reach an independent verdict - Sylvia Meagher Jim Garrison's closing statement to the jury State of Louisiana vs. Clay Shaw, 1969 May it please the court. Gentlemen of the jury: I know you're very tired. You've been very patient. This final day has been a long one, so I'll speak only a few minutes. In his argument, Mr. Dymond posed one final issue which raises the question of what we do when the need for justice is confronted by power. So, let me talk to you about a question of whether or not there was government fraud in this case. A question Mr. Dymond seems to want us to answer. A government is a great deal like a human being. It's not necessarily all good, and it's not necessarily all bad. We live in a good country. I love it and you do, too. Nevertheless, the fact remains that we have a government which is not perfect. There have been since November the 22nd of 1963, and that was not the last, indications that there is an excessive power in some parts of our government. It is plain that the people have not received all of the truth about some of the things which have happened, about some of the assassinations which have occurred, and more particularly about the assassination of John Kennedy. Going back to when we were children, I think most of us, probably all of us in this courtroom, once thought that justice came into being of its own accord, that that virtue was its own regard, that good would triumph over evil. In short, that justice occurred automatically. Later, when we found that this wasn't quite so, most of us still felt hopeful that at least occurred frequently of its own accord. Today, I think that almost all of us would have to agree that there is really no machinery, not on this earth at least, which causes justice to occur automatically. Men still have to make it occur. Individual human beings have to make it occur. Otherwise, it doesn't come into existence. This is not always easy. As a matter of fact, it's always hard, because justice presents a threat to power. In order to make justice come into being, you often have to fight power. Mr. Dymond raised the question; "Why don't we say it's all a fraud and charge the government with fraud, if that is the case?" Let me be explicit, then, and make myself very clar on this point. The goverment's handling of the investigation of John Kennedy's murder was a fraud. It was the greatest fraud in the history of our country. It probably was the greatest fraud ever perpetrated in the history of humankind. That doesn't mean that we have to accept the continued existence of the kind of government which allows this to happen. We can do something about it. We're not forced either to leave this country or accept the authoritarianism that has developed. The authoritarianism that tells us that in the year 2039 we can see the evidence about what happened to John Kennedy. Government does not consist only of secret police and domestic espionage operations and generals and admirals. Government consists of people. It also consists of juries. And in the cases of murder, whether the poorest individual or the most distinguished citizen in the land, should be looked at openly in a court of law, where juries can pass on them and not be hidden, not be buried like the body of the victim beneath concrete for countless years. You men in recent weeks have heard witnesses that no one else in the world has heard. You've seen the Zapruder film. You've seen what happened to your President. I suggest to you that you know right now that, in that area at least, a fraud has been perpetrated. That does not mean that our government is entirely bad - and I want to emphasize that. It does mean, however that in recent years, through the development of excessive power because of the Cold War, forces have developed in our government over which there is no control and these forces have an authoritarian approach to justice; meaning, they will let you know what justice is. Well, my reply to them is that we already know what justice is. It is the decision of the people passing on the evidence. It is the jury system. In the issue which is posed by the government's conduct in concealing the evidence in this case, in the issue of humanity as opposed to power, I have chosen humanity, and I will do it again without hesitation. I hope every one of you will do the same. I do this because I love my country and because I want to communicate to the government that we will not accept unexplained assassinations with the casual information that if we live seventy-five years longer, we might be given more evidence. In this particular case, massive power was brought to bear to prevent justice from ever coming into the courtroom. The power to make authoritarian pronouncements, the power to manipulate the news media by the release of false information, the power to interfere with an honest inquiry and the power to provide an endless variety of experts to testify in behalf of that power, repeatedly was demonstrated in this case. The American people have yet to see the Zapruder film. Why? The American people have yet to see and hear from real witnesses to the assassination. Why? Because, today in America too much emphasis is given to secrecy, with regard to the assassination of our President, and not enough emphasis is given to the question of justice and to the question of humanity. These dignified deceptions will not suffice. We have had enough of power without truth. We don't have to accept power without truth or else leave the country. I don't accept power without truth or else leave the country. I don't accept either of these two alternatives. I don't intend to leave the country and I don't intend to accept power without truth. I intend to fight for the truth. I suggest that not only is this not un-American, but it is the most American thing we can do, because if truth does not endure, then our country will not endure. In our country the worst of all crimes occurs when the government murders truth. If it can murder truth, it can murder freedom. If it can murder freedom it can murder your own sons, if they should dare to fight for freedom, and then it can announce that they were killed in an industrial accident, or shot by the "enemy" or God knows what. In this case, finally, it has been possible to bring the truth about the assassination into a court of law, not before a commission composed of important and politically astute men, but before a jury of citizens. Now, I suggest to you that yours is a hard duty, because in a sense what you're passing on is the equivalent to a murder case. The difficult thing about passing on a murder case is that the victim is out of your sight and buried a long distance away, and all you can see is the defendant. It's very difficult to identify with someone you can't see, and sometimes it's hard not to identify to some extent with the defendant and his problems. In that regard, every prosecutor who is at all humane is concious of feeling sorry for the defendant in every case he prosecutes. But he is not free to forget the victim who lies buried out of sight. I suggest to you that, if you do your duty, you also are not free to forget the victim who is buried out of sight. Tennyson once said that "authority forgets a dying king." This was never more true than in the murder of John Kennedy. The strange and deceptive conduct of the government after his murder began while his body was still warm, and has continued for five years. You have even seen in this courtroom indications of interest of part of the government power structure in keeping truth down, in keeping the grave closed. We presented a number of eyewitnesses as well as an expert witness as well as the Zapruder film, to show that the fatal wound of the President came from the front. A plane landed from Washington and out stepped Dr. Finck for the defense, to counter the clear and apparent evidence of a shot from the front. I don't have to go into Dr. Finck's testimony in detail for you to show that it simply does not correspond to the facts. He admitted that he did not complete the autopsy because a general told him to not complete the autopsy. In this conflict between power and justice, to put it that way, just where do you think Dr. Finck stands? A general who is not a pathologist, told him not to complete the autopsy, so he didn't complete it. This is not the way I want my country to be. When our president is killed he deserves the kind of autopsy that the ordinary citizens get every day in the state of Louisana. And the people deserve the facts about it. We can't have the government power suddenly interjecting itself and preventing the truth from coming to the people. Yet, in this case, before the sun rose the next morning, power had moved into the situation and the truth was being concealed. And now, five years later in this courtroom the power of the government in concealing the truth is continuing in the same way. We presented eyewitnesses who told you of the shots coming from the grassy knoll. A plane landed from Washington, and out came ballistics expert Frazier for the defense. Mr. Frazier explanation of the sound of the shots coming frm the front, which was heard by eyewitness after eyewitness, was that Lee Oswald created a sonic boom in his firing. Not only did Oswald break all of the world's records for marksmanship, but he broke the sound barrier as well. I suggest to you, that if any of you have shot on a firing range, and most of you probably in the service, you were shooting rifles in which the bullet travelled faster than the speed of sound. I ask you to recall if you ever heard a sonic boom. If you remember when you were on the firing line, and they would say, "ready on the left - ready on the right - ready on the firing line - commence firing," you heard the shots coming from the firing line, to the left of you and to the right of you. If you had heard as a result of Mr. Frazier's fictional sonic boom, firing coming at you from the pits, you would have had a reaction which you would still remember. Mr. Frazier's sonic boom simply doesn't exist. It's a part of the fraud, a part of the continuing government fraud. The best way to make this country the kind of country it's supposed to be is to communicate to the government that no matter how powerful it may be, we do not accept these frauds. We do not accept these false announcements. We do not accept the concealment of evidence with regard to the murder of President Kennedy. Who is the most believable? A Richard Randolph Carr, seated here in a wheelchair and telling you what he saw and what he heard and how he was told to shut his mouth, or Mr. Frazier and his sonic booms? Do we really have to actually reject Mr. Newman and Mrs. Newman and Mr. Carr and Roger Craig and the testimony of all those honest witnesses, reject all this and accept the fraudulent Warren Commission, or else leave the country? I suggest to you that there are other alternatives. Once of them has been put in practice in the last month in the State of Louisiana, and that is to bring out the truth in a proceeding where attorneys can cross-examine, where the defendant can be confronted by testimony against him, where the rules of evidence are applied and where a jury of citizens can pass on it, and where there is no government secrecy. Above all, where you do not have evidence concealed for seventy-five years in the name of "national security." All we have in this case are the facts. Facts which show that the defendant participated in the conspiracy to kill the President and that the President was subsequently killed in an ambush. The reply of the defense has been the same as the early reply of the government in the Warren Commission. It has been authority, authority, authority. The President's seal outside of each volume of the Warren Commission Report, made necessary because there is nothing inside these volumes. Men of high position and prestige sitting on a board, and announcing the results to you, but not telling you what the evidence is, because the evidence has to be hidden for seventy-five years. You heard in this courtroom in recent weeks, eyewitness after eyewitness after eyewitness and, above all, you saw one eyewitness which was indifferent to power, the Zapruder film. The lens of the camera is totally indifferent to power and it tells what happened as it saw it happen, and that is one of the reasons 200 million Americans have not seen the Zapruder film. They should have seen it many times. They should know exactly what happened. They all should know what you know now. Why hasn't all of this come into being if there hasn't been government fraud? Of course there has been fraud by the government. But I'm telling you now that I think we can do something about it. I think that there are still enough Americans left in this country to make it continue to be America. I think that we can still fight authoritarianism, the government's insistence on secrecy, government force used in counterattacks against an honest inquiry, and when we do that, we're not being un-American, we're being American. It isn't easy. You're sticking your neck out in a rather permanent way, but it has to be done because truth does not come into being automatically. Justice does not happen automatically. Individual men, like the members of my staff here, have to work and fight to make it happen, and individual men like you have to make justice come into being because otherwise it doesn't happen. What I'm trying to tell you is that there are forces in America today, unfortunately, which are not in favor of the truth coming out about John Kennedy's assassination. As long as our government continues to be like this, as long as such forces can get away with such actions, then this is no longer the country in which we were born. The murder of John Kennedy was probably the most terrible moment in the history of our country. Yet, circumstances have placed you in the position where not only have you seen the hidden evidence but you are actually going to have the opportunity to bring justice into the picture for the first time. Now, you are here sitting in judgement on Clay Shaw. Yet you, as men, represent more than jurors in an ordinary case because the victims in this case. You represent, in a sense, the hope of humanity against government power. You represent humanity, which yet may triumph over excessive government power. If you will cause it to be so, in the course of doing your duty in this case. I suggest that you ask not what your country can do for you but what you can do for your country. What can you do for your country? You can cause justice to happen for the first time in this matter. You can help make our country better by showing that this is still a government of the people. And if you do that, as long as you live, nothing will ever be more important. --------------------------- Since you read all the way through, you might be interested in more information. You can check out alt.conspiracy.jfk at your favourite USENET site and see the still active coverup covering up. Now including a phoney "Oswald did it alone" FAQ posting from a .mil address. The internet equivalent to Gerald Posner's "Case Closed." Though less well written, it includes about the same amount of real research. There are some good people on the newsgroup as well and they have a large and growing body of info on display regularly. Another excellent source is the web site for Fair Play magazine: http://www.kaiwan.com/~ljg/fp.html -31 and counting- -----------------