Computer underground Digest Sun Apr 28, 1996 Volume 8 : Issue 33 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #8.33 (Sun, Apr 28, 1996) File 1--Kevin Mitnick Pleads Guilty to Hacking Charges File 2--Scientology Lawsuits (Legal Bytes, Vol 4, No. 1) File 3--The CDA's Silver Lining (from: Legal Bytes, Vol 4, No. 1) File 4--Werd, be there or die -- (Summercon 96) File 5--Amer. Fam. Assoc. Demands investigation of Compuserve File 6--Cu Digest Header Info (unchanged since 7 Apr, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Thu, 25 Apr 1996 07:32:29 -0400 (EDT) From: Q*Bert Subject: File 1--Kevin Mitnick Pleads Guilty to Hacking Charges (originally from Rogue Agent ::: ) RETURN TO STATESIDE: Mitnick pleads guilty to hacking charges Copyright (C) 1996 Nando.net LOS ANGELES (Apr 22, 1996 10:01 p.m. EDT) -- Reputed information highway bandit Kevin D. Mitnick, who has allegedly violated some of the nation's most protected computer systems, pleaded guilty Monday to hacking-related charges. ................... The 32-year-old man, who the government once called a "computer terrorist," also admitted to possessing other people's drivers' licenses in the Raleigh, N.C. , apartment where he was arrested. Pfaelzer also found he violated probation in a 1989 conviction. He is charged with 23 counts of computer fraud. ................... Mitnick faces a maximum of 20 years in prison, but prosecutors were loathe to speculate on how long he will actually serve, saying it depends on how Pfaelzer interprets sentencing guidelines. The sentencing is scheduled for July 15. Prosecutors were hardly crowing about the plea, which had been repeatedly delayed. There are other charges that could be filed against him, said Assistant U.S. Attorney David J. Schindler. "This does not resolve this case entirely ... The investigation continues." If Mitnick pleaded not guilty, his case would have gone back to North Carolina for trial. After the hearing, Mitnick was led away in handcuffs by federal marshals. He is being detained at a federal jail in downtown Los Angeles. ................... He was later accused of causing millions of dollars in damage to MCI, Inc., and also allegedly produced a false report stating that the late Security Pacific Bank lost $400 million during the first quarter of 1988. That was four days after the bank turned him down for a job, because he did not inform them of his criminal record. Mitnick pleaded guilty in 1989 in Los Angeles to stealing computer programs and illegally intruding into computer networks in the U.S. and England. He was sentenced to one year in prison. ................... While the government has portrayed Mitnick as a threat to national security, the pudgy, bespectacled man's grandmother, Reba Vartanian, said prosecutors and others are out to "hyping" her grandson's case. The Las Vegas woman said there is a different side to his life that the media has never reported. She said his reputation as a computer hacker made it impossible for him to find work and to have a normal life. ................... ------------------------------ Date: Fri, 26 Apr 1996 20:41:17 -0400 From: PeteK1@AOL.COM Subject: File 2--Scientology Lawsuits (Legal Bytes, Vol 4, No. 1) Spring 1996, Volume 4, Number 1 __________________________________ By George, Donaldson & Ford, L.L.P. Attorneys at Law 114 West Seventh Street, Suite 1000 Austin, Texas 78701 (512) 495-1400 (512) 499-0094 (FAX) gdf@gdf.com http://www.gdf.com __________________________________ Copyright (c) 1996 George, Donaldson & Ford, L.L.P. (Permission is granted freely to redistribute this newsletter in its entirety electronically.) ___________________________________ David H. Donaldson, Jr., Publisher, dhdonald@gdf.com Peter D. Kennedy, Editor, pkennedy@gdf.com 2. THE SCIENTOLOGY LAWSUITS AND LAWYER LETTERS: THE PROBLEM FACED BY ON-LINE SERVICES WHO GET NOTICE OF USERS' ALLEGED VIOLATIONS The Jihad. A fierce battle has been raging both on line and in courtrooms across the country between the Church of Scientology and a handful of its former members. Disillusioned with the church, these former members have posted large amounts of the church's purportedly secret and sacred texts on a Usenet newsgroup devoted to debating Scientology. The church, claiming these texts are trade secrets and copyrighted, has responded with a fierce litigation strategy that has ensnared third parties from the Washington Post (which printed portions of the texts) to the Internet access giant Netcom (which distributed the alt.religion.scientology newsgroup containing the texts). The Scientology litigation -- brought in federal courts in Virginia, Colorado and California under the name of the church's parent corporation, the "Religious Technology Center" -- has spawned the most extensive group yet of legal rulings concerning the scope of on-line copyright protection. The Scientology church claims that its litigation is redefining on-line copyright law, and to a great extent it is right. Take away the controversial nature of the Scientology religion and the reportedly silly nature of much of its "scripture," and the Scientology lawsuits have concretely raised core issues about the scope of copyright protection in the new world of decentralized, democratized and vastly expanded distribution and copying offered by the Internet, as well as the responsibilities of the system administrators who facilitate communications through interconnected computer networks. This article does not attempt a comprehensive review of all the questions raised by the Scientology cases, but rather discusses two interrelated issues that have so far gained little attention -- (1) the competing tension between copyright and defamation law in whether prior review of on-line content is necessary or wise, and (2) what the proper response should be to a demand to remove offending material from a system. The sysops' old dilemma. Prior to the Scientology litigation, case law directly concerning on-line copyright liability was limited to two trial court decisions, PLAYBOY ENTERPRISES, INC. v. FRENA and SEGA ENTERPRISES, LTD. v. MAPHIA. The core holding of these two cases, particularly FRENA, seemed to be a strong affirmation of the principle of strict liability in copyright law. Under FRENA, system operators would be liable for copyright infringement, even if they were unaware of the infringing files on their system, because their systems facilitated unauthorized copying and distribution. See "BBS Sysop Liability for Copyright Infringement: Let the Operator Beware!," Legal Bytes, Vol 2, No. 1. The FRENA decision was criticized for not giving sufficient weight to the sysop's denial that he knew about the offending images, but because it was one of just two rulings on the subject, it carried considerable weight. After FRENA and MAPHIA, the common wisdom recommended a hands-on approach to avoid liability for copyright infringement -- reviewing all files before making them publicly available. The hands-on approach to avoid copyright violations has been, as lawyers say, "in some tension" with two well-known cases concerning on-line services' liability for defamation. In 1991, a New York federal court held in CUBBY v. COMPUSERVE that CompuServe was not responsible for the content of a newsletter it carried, because it did not review the newsletter and exercised no editorial control over it. Because CompuServe acted as a conduit or distributor, it was not actually "publishing" the newsletter. See "Are Electronic Bulletin Board System Operators Liable for their Users' Libellous Statements," Legal Bytes, Vol 1, No. 1. Four years later, a New York state court ruled the other way about another service, Prodigy, in STRATTON OAKMONT v. PRODIGY. Because Prodigy, unlike CompuServe, had marketed itself as a family system, had reviewed the content of postings and claimed the right to edit them, it was a "publisher" and had to answer for the truth of defamatory statements made by its users. Like FRENA, the PRODIGY case has been criticized and may well be wrong, but like FRENA, it has carried considerable weight because of a scarcity of precedent. After CUBBY and PRODIGY, the common wisdom was that on-line services should not review the content of messages passing through unless they want to answer for their truth, which is not easy. Hands off. Interactive services have thus been facing a real dilemma about the content they carry that is provided by others, even before anyone complains -- hands on (to avoid possible liability for copyright infringement) or hands off (to avoid becoming a "publisher" of defamation)? Although it may seem glacial to those directly affected, the law is actually moving with relative speed to address this unworkable problem. On the defamation front, Congress has enacted the Communications Decency Act of 1996, which for all the vitriol directed to it, has a bright side: it contains a provision which broadly protects interactive services from liability for libels posted by others. See "The Communications Decency Act's Silver Lining," in this issue. Under this new federal law, STRATTON OAKMONT v. PRODIGY is overruled on-line services do not become the "publisher" of on-line content they did not create, even if they actively restrict access to "objectionable" materials. On the copyright front, a recent decision may foretell a relaxation of the harsh and potentially unfair results of the strict liability rule as applied by the court in FRENA. While no court will tolerate flagrant encouragement or participation in copyright infringement, the FRENA court's conclusion that the sysops' knowledge is entirely irrelevant will likely be eased. = This step toward balancing copyright protection and on-line communications is taking place in the Scientology litigation, particularly in the decision from the California lawsuit involving Netcom On-Line Communications Services. Netcom avoids liability for direct infringement. Using a local-access BBS, a disillusioned former Scientology minister, Dennis Erlich, posted portions of the Scientology religious tracts on the Usenet newsgroup alt.religion.scientology. = The local-access BBS got its Usenet feed though Netcom On-Line Communications Services, a national Internet access provider. When the Church of Scientology learned of Erlich's postings, it sued him in federal court in San Francisco, demanded that the local BBS and Netcom cut Erlich's access off, and when they didn't, sued the BBS and Netcom for copyright infringement. The church relied on the FRENA case and argued that Netcom was liable because copyright law is strict liability. Because this case (and all the Scientology cases) involved Usenet, rather than a small, dial-up BBS, the threat of strict liability upped the stakes considerably. Usenet traffic carries vast amounts of material, much of it encoded, only loosely organized, all of it unsolicited by the system administrator and overseen by no one. No Internet access provider could hope to review Usenet for potential copyright violations before making the 20,000 or more newsgroups available. But the penalties for even unintentional copyright infringement are draconian -- seizure orders, injunctions, damages of up to $20,000 for each violation, not to mention paying the other side's attorney's fees and costs. In a long, carefully written opinion issued November 21, 1995, Judge Whyte did not follow the logic of Frena to impose strict liability. RELIGIOUS TECHNOLOGY CENTER v. NETCOM ON-LINE COMMUNICATION SERVICES, INC., 907 F. Supp. 1361 (N.D. Cal. 1995). = "Although copyright is a strict liability statue," he wrote, "there should still be some element of volition or causation which is lacking where a defendant's system is merely used to create a copy by a third party." Netcom was not liable for direct copyright infringement, because there was no such "volition" - the copyright and distribution happened as a natural part of Usenet, without any direct action by Netcom in relation to the offending messages. = While Netcom escaped the claim of direct infringement, it did not fare as well against the church's claim of "contributory infringement," as we will see. The sysops' new dilemma -- what to do about notice of an alleged violation? The holding in NETCOM that on-line services -- at least Internet service providers -- are not liable for direct copyright infringement for materials passing through their system, if adopted broadly, will give interactive services some relief from what had been an unknown and unknowable legal exposure. A different issue arises, though, when an on-line service is given notice of an alleged violation -- whether copyright infringement or libel. There is a fundamental difference in on- line publication from paper publication -- on line, the material is continuously available thanks to the on-line service, while the traditional print distributor delivers the publication and is done with it. Can a lawyers' demand letter change the playing field, and force a "hands off" on-line distributor like Netcom or CompuServe to review its contents and decide whether to remove offending postings -- upon pain of a civil lawsuit? The Church of Scientology demanded that Netcom remove the texts from its server. Netcom refused to remove the texts without better proof of a copyright violation, and while the texts automatically rolled off Netcom's servers after 11 days, this did not happen until they had passed on to Usenet and thence around the world. The church claimed that Netcom's inaction, if not a direct infringement, still made it liable because it could have easily prevented the world-wide distribution. Judge Whyte was convinced, at least in theory. He ruled that Netcom's inaction in the face of the church's demands could make it liable for contributory copyright infringement. Netcom had made a static argument -- that it should never be liable for copyright infringement, because it can never know beforehand whether a Usenet posting violates a copyright. But Judge Whyte took a more dynamic view -- while Netcom is not responsible for infringement of which it had no notice, he held that it cannot sit idly by once it is presented with proof of a copyright violation. He thought that Netcom's failure to cancel the postings after receiving the demand letter was a "substantial participation" in the distribution that invokes contributory liability, and that if Netcom "knew or should have known" that the postings infringed the church's copyright, it would be liable. But what proof is enough to show that an on-line service "knew or should have known" of an infringement? Judge Whyte held that the church's demand letter and Netcom's refusal to even look at the allegedly infringing material was enough evidence to send the case to trial. This "knew or should have known" standard obviously does not provide concrete guidance, particularly because the question is whether Netcom "should have known" that Erlich's postings were infringing the church's copyright is a really a legal one, and hardly an easy one at that. However, the court's opinion does at least allow a system administrator, ideally with help from a knowledgeable lawyer, to focus on particular questions: Does the notice of violation identify which materials are at issue? Does it provide specific evidence of copyright ownership or just a vague claim? Does the posting constitute fair use? Demands to remove offending material are becoming commonplace, and they put on-line services in a jam. Unlike traditional publishers like Time or The Washington Post, on-line services are not staffed to review materials for legal problems like libel, invasion of privacy or even copyright infringement. On-line services are in the access and distribution business; they create relatively little content themselves. How much effort does an on- line service have to put into evaluating these demands? While the safest course would be always to accede to threats, doing so is inconsistent with the traditional wide-open, robust debate that makes the Internet what it is. The NETCOM case bears watching as these questions have arisen, but have not yet been answered. It is also not clear yet whether the CDA's broad protection from libel lawsuits will protect on-line services after they are made aware of offending statements. See "The Communications Decency Act's Silver Lining," in this issue. Stay tuned; as sure as the sun rises in the east, there will be more lawsuits over on-line services' responsibility for their users' actions. ------------------------------ Date: Fri, 26 Apr 1996 20:41:17 -0400 From: PeteK1@AOL.COM Subject: File 3--The CDA's Silver Lining (from: Legal Bytes, Vol 4, No. 1) Spring 1996, Volume 4, Number 1 __________________________________ By George, Donaldson & Ford, L.L.P. Attorneys at Law 114 West Seventh Street, Suite 1000 Austin, Texas 78701 (512) 495-1400 (512) 499-0094 (FAX) gdf@gdf.com http://www.gdf.com __________________________________ Copyright (c) 1996 George, Donaldson & Ford, L.L.P. (Permission is granted freely to redistribute this newsletter in its entirety electronically.) ___________________________________ David H. Donaldson, Jr., Publisher, dhdonald@gdf.com Peter D. Kennedy, Editor, pkennedy@gdf.com 3. THE COMMUNICATIONS DECENCY ACT'S SILVER LINING Until now, two court opinions -- CUBBY v. COMPUSERVE and STRATTON OAKMONT v. PRODIGY -- have dominated any discussion about whether interactive computer services are responsible for what users say on line. See "The Scientology Lawsuits and Lawyers' Letters," in this issue; "BBS Sysop Liability for Copyright Infringement: Let the Operator Beware!," Legal Bytes, Vol 2, No. 1. The two cases (simplified) are seen as opposites: CompuServe, the "hands off" network, escaped liability for a newsletter carried on its system, while Prodigy, supposedly a "hands on" publisher with control over its users' postings, was forced to answer for a user's defamatory words. All this has been changed now, and by a most unlikely law. The very Communications Decency Act of 1996 which is reviled throughout the on-line world for its controversial restrictions on "indecent" communications, also includes a very broad protection for on-line services from tort liability. Congress passed this provision specifically to overrule the STRATTON OAKMONT ruling. Section 508 of the CDA, which will be codified at 47 U.S.C. 15 230(c)(1), states: No provider or user of an interactive computer service shall be treated as a publisher or speaker of any information provided by another information content provider. The law defines "information content provider" broadly as "any person or entity that is responsible, in whole or in part, for the creation or the development of information provided through the Internet or any other interactive computer service." 47 U.S.C. 15 230(e)(3). So long as the interactive computer service does not create the content ("in whole or in part"), it cannot be found to be the "publisher." The CDA also prohibits a court from holding any provider or user of an interactive computer service liable because it (1) makes efforts to screen material; or (2) provides the means by which to screen material. This attacks from another angle the STRATTON OAKMONT ruling, where the Court considered Prodigy's "dirty word" filtering software in concluding it exercised editorial control over its users and so was a "publisher." The CDA leaves no doubt that it is meant to pre-empt all state tort laws: "No cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section." 47 U.S.C. 15 230(d)(3). Apparently, when the CDA was being drafted, the interactive computer service industry objected to the "indecency" prohibition because it might require the services to aggressively filter or review on-line content, even if they had not been doing so. And under STRATTON OAKMONT, this would make them the "publisher" of everything their services carried. Section 509 was added as an attempt to address this concern, without removing the controversial "indecency" prohibition. Now, under the CDA, an on-line service is no longer legally the "publisher" or "speaker" of other people's words. Therefore, federal law preclude a finding of an essential element -- publication -- in any defamation claim in any of the 50 states against an on-line service, when the complaint is about someone else's words (as in CUBBY and STRATTON OAKMONT). For the same reason, the CDA would also precludes liability for any related tort (such as "false light" and "disclosure of private facts") that requires a finding of publication. No doubt the CDA's breadth will be tested. For example, when has an interactive service created content "in part" so that it cannot take advantage of Section 509? And does Section 509 preclude, as its language appears to, defamation claims based on the continued availability of on-line libel even after an on-line service has been asked, but has failed or refused, to remove it? In any case, discussions of on-line liability can no longer begin and end with CUBBY and STRATTON OAKMONT -- Congress has profoundly changed the landscape with Section 509 of the CDA. ------------------------------ Date: Tue, 23 Apr 1996 17:30:19 -0400 (EDT) From: Q*Bert Subject: File 4--Werd, be there or die -- (Summercon 96) Phrack Magazine and Cult of the Dead Cow proudly present: The 1996 Summer Security Conference "SUMMERCON IX" June 15th, 1996 Georgetown Holiday Inn Washington D.C. This is the official announcement and open invitation to the 1996 incarnation of Summercon. In the past, Summercon was an invite-only hacker gathering held annually in St. Louis, Missouri. Starting in 1995, SummerCon became an open event to any and all interested parties: Hackers, Phreaks, Pirates, Virus Writers, System Administrators, Law Enforcement Officials, Neo-Hippies, Secret Agents, Teachers, Disgruntled Employees, Telco Flunkies, Journalists, New Yorkers, Programmers, Conspiracy Nuts, Musicians, Nudists, and Rug Sucking Wannabes. Senators Exon and Coats, and all the rest of the flaming assholes who voted for the CDA will be ejected from the confrence if they show their weasely faces. Censors for SOL.com, Deutsch Bundestpost officials, and other flaming losers. Piss off, We MADE CyberSpace, you just tried to BUY it. LOCATION: The Georgetown Holiday Inn 2101 Wisconsin Ave. NW Washington, DC The hotel is located in scenic Georgetown, close to the Mall and the Smithsonian Museums as well as all the major tourist attractions in D.C... Georgetown itself is a major tourist area, with many fine shops, restaurants, PUBS and NIGHTCLUBS located there. If you can't figure out anything to do here, you need to get a life pretty badly. DIRECTIONS: from I66 coming east: Just keep going east. Take the Key Bridge exit off of 66, the bridge will be a left at the 3rd light after you take the exit. It's hard to miss, keep left and you will be forced over the bridge pretty much. On the other side of the bridge, take a right on M street (right and left being the ONLY choices possible.) keep right on the bridge and you will again be forced onto M street. Go down M and take a left at the second or third light. Go up 2-3 blocks and take a right (either or), and proceed to Wisconsin Ave. Take a left on Wisconsin. There is NO left turn from M st. onto Wisconsin, thus the diverse route. (Hey welcome to DC, run by the U.S. Congress who act as if they) (have been smoking crack, and Mayor Barry, who actually has.) (You will soon discover the same logic that brought you the CDA.) >From MD and 95 North: Take 95 south to 495 towards Northern Virginia. Take the George Washington Parkway South to Key Bridge. Follow I66 East directions above rest of the way from Key bridge. >From VA and 95 South: Get on 395 North follow signs to National Airport. At National Airport, turn around and follow directions to hotel from National Airport below. (No, we aren't fucking with your head, this is really the right way) >From National Airport: Tell the cabbie to take you to the hotel. OR Take George Washington Parkway to the Key Bridge / Rosslyn Exit. Follow I66 East directions from above from Key Bridge. >From Dulles Airport: Tell the cabbie to take you to the hotel. OR Take the Dulles Access road back southeast away from the Airport. This will dump you out on I66 eastbound. (See above) If you are trying to get TO Dulles, take I66 westbound and get in the right hand lane after the Sycamore St. exit, and veer to the right to take the next exit to the airport. Get in the left hand lane, and stay there to avoid being on the toll road. There is a parallel road that leads to the airport, but it's a local toll highway, stay left and avoid giving Virginia money unnecessarily. Taxis: The average airport fare runs around $20 from national, to $30 for Dulles. Your mileage may vary however with local road conditions. CONFERENCE INFO: It has always been our contention that cons are for socializing. "Seekret Hacker InPh0" is never really discussed except in private circles, so the only way anyone is going to get any is to meet new people and take the initiative to start interesting conversations. Because of this, the formal speaking portion of Summercon will be held on one day, not two or three, leaving plenty of time for people to explore the city, compare hacking techniques, or go trashing and clubbing with their heretofore unseen online companions. If you are coming from out of town and want the full hacker/tourist experience, we will informally meet in the lobby of the Georgetown Holiday Inn Friday, June 14th, 1996, at 2pm. From there we will have an informal hacker sight-seeing tour of DC, including the FBI headquarters and other interesting (and legal) places to go. The sight-seeing will converge with DC locals and mall security at 2600 in Pentagon City Mall Friday, June 14th, 1996, at 6pm. Although this isn't the first Friday of the month, this is definitely an official 2600 meeting, and likely to be the biggest one ever. This informal meeting will be held until about 8pm. The formal conference will be held on Saturday, June 15th, 1996, from 10am to 6pm (with a break for lunch). There will be a variety of speakers, panel discussions, demonstrations, and other events guaranteed to keep everyone entertained. No video or audio tapes will be allowed in the conference room. No still photography will be permitted in the conference room without prior permission of all those being photographed. Violation of these policies expresses your consent for the aggrived parties to pound you flat. There will be no selling of t-shirts, disks, firewalls, payphones, etc. in or around the conference area without prior permission of the organizers. If you are interested in demoing or selling something, please contact us at the address listed at the bottom. Violation of these provisions expresses your consent for the organizers to pound you flat. There will however be a charity wAr3Z drive, please bring your tax deductible donation of pirated software on media you don't need back, for deposit and free redistribution amongst the n33Dy. We ARE what YOU want to BE. SPEAKERS: The speakers list for Summercon IX is still being finalized, but it is sure to be even more dynamic and interesting than previous years. Speakers at Summercon '95 included such people as ex-CIA agent Robert Steele, author Winn Shwartau, Cypherpunk founder Eric Hughes, movie producer Annaliza Savage, and numerous past and present minions of UUSoft Technologies. Will the last cool UUSoft employee to leave please turn off the lights and lock the door. If you are an expert in some aspect of computer, network, or telco security and are interested in speaking at Summercon, please contact us to discuss the possibility further at the address listed at the end of this document. We are also going to be having short speeches by real hackers or phreakers giving their own perspective on some issue or insight into a new technology. This is an open invitation for you hackers to be heard; just provide us with a brief outline of the topic you will be covering and the amount of time you will take (suggested: 5 - 15 minutes) at the address listed below. COSTS: Costs for SummerCon IX are as follows: Secret Service / F.B.I. Rate: $500.00 Government / Institutional Rate: $ 80.00 Hacker / Individual Rate: $ 20.00 Members of the United States Secret Service, and anyone that has in the past or currently is providing information or services to the Secret Service are required to pay the 'Secret Service Rate'. Cliffy, PMF, Gail, Agent Steele, this means you. Employees of a local, state, or federal government, members and associates of any L.E.O., and employees of any corporation working in the area of computer security must pay the 'Government / Institutional Rate'. Anyone that does not fit into one of the above categories is eligible for the 'Individual / Hacker Rate'. Due to historical lack of interest, there will not be pre-registration for the conference. Registration will begin at 9am the day of the conference, and will continue for the duration of the conference or until the meeting facilities have reached their capacity. Since the latter is likely to occur, it is suggested you don't oversleep, but hangovers are OK. No purchase orders, checks, money orders, foreign currency, stock certificates, IOUs, or coins will be accepted for registration. Secret Service agents, small unmarked bills only, please. Sorry for this being a bit more expensive than last year for the hackers, DC seems to be a more expensive place to hold a conference and the expenses are several times what they were in Atlanta. Bring money for t-shirts, they are cool, and if don't buy one you are lame anyhow and don't fucking deserve it! HOTEL INFORMATION: Georgetown Holiday Inn 2102 Wisconsin Ave NW Washington, DC Phone Number: (202) 338-4600 The cost for a double occupancy room at the Georgetown Holiday Inn is $99. There is no special conference rate, there is no need to mention you are with a conference at all, the people in reservations probably won't know what you are talking about anyhow. The $99 rate is however a a special rate being held by Holiday Inn, so don't be afraid to tell them so if they try to quote you a higher rate. If the hotel is damaged in any manner, you are going to pay for it, and you will probably end up in jail. And even if you are lucky enough to get away with it, the rest of the hackers staying at the hotel will end up paying for it, and I'm sure that's going to make you a well-liked and respected hacker, especially among some of the bigger hackers who might feel tempted to inflict bodily harm on someone who causes any damage to the hotel. Please act responsibly, don't drink and drive, chew all your food before you swallow, don't swallow your gum, and recycle. CONTACTING SUMMERCON ORGANIZERS: You can contact the Summercon organizers through e-mail. If you haven't figured out e-mail yet, you probably shouldn't be coming to Summercon. As a final note, if you are planning on coming to Summercon, we would appreciate you sending e-mail to us with the subject of "GOING TO SCON" or something similar, just so that we have a rough idea of how many people are going to show up. E-mail: scon@2600.com ------------------------------ Date: Fri, 19 Apr 1996 14:39:43 -0800 From: telstar@wired.com (--Todd Lappin-->) Subject: File 5--Amer. Fam. Assoc. Demands investigation of Compuserve Although the courts are still debating the constitutionality of the Communications Decency Act, the Cyberporn Witch Hunt of 1996 is already getting underway... On April 1, 1996, the American Family Association -- a fundamentalist group based in Mississippi -- sent a letter to Attorney General Janet Reno demanding that the Department of Justice launch a criminal investigation of CompuServe. The letter, signed by Patrick A. Trueman, Director of Governmental Affairs for the AFA, reads as follows: "I am writing to urge a criminal investigation of H&R Block, Inc. and Compuserve for potential violations of the Communications Decency Act. CompuServe, a division of H&R Block, Inc., as of Friday, March 29, 1996, is offering pornography and other sexually oriented material on its on-line service to its users, including children... I hope that you will have an investigator review material available to children on CompuServe and take appropriate action." As Barry Steinhardt, Associate Director of the ACLU, explains in the following article, "This just proves what we've maintained all along: This law, this Communications Decency Act, is going to be a vehicle for the radical religious right to impose its brand of morality on the rest of the country." (Many thanks go out to the kind folks at the San Jose Mercury News for graciously giving me permission to redistribute the full text of this article to you now.) Read on for details, and of course... Work the network! --Todd Lappin--> Section Editor WIRED Magazine =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D COMPUSERVE CALLED INDECENT CHRISTIAN GROUP SAYS ON-LINE SERVICE VIOLATES TELECOMMUNICATIONS ACT. By RORY J. O'CONNOR Mercury News Washington Bureau April 19, 1996 (Re-distributed by permission from the San Jose Mercury News: http://www.sjmercury.com) WASHINGTON -- A fundamentalist Christian group has demanded a federal criminal investigation of the CompuServe on-line service, alleging that it has violated anti-smut provisions in a recently enacted telecommunications law. The American Family Association, based in Tupelo, Miss., asked the Justice Department to investigate in an April 1 letter to Attorney General Janet Reno. The organization's letter is apparently the first complaint lodged under terms of the Communications Decency Act, a controversial part of the sweeping rewrite of U.S. telecommunications law passed in February. The law makes it a crime to transmit ''indecent'' material via computer in such a way that children might view it. The act, largely crafted by Sen. James Exon, D-Neb., was bitterly contested by computer users and civil libertarians. Proponents said the law would make cyberspace a safer place for children. Opponents said it would chill free speech on-line, criminalizing material that would be protected under the First Amendment if it were printed on paper. A group of plaintiffs, led by the American Civil Liberties Union, sued the Justice Department in February seeking to overturn the law as unconstitutional. The case is still pending. The department has agreed in court not to conduct formal investigations into violations of the law, or to indict or prosecute anyone under it, while the case is pending, a spokesman said. The AFA maintains the Communications Decency Act is far too weak and was gutted in Congress to placate computer industry interests. In the letter to the Justice Department, the group alleged CompuServe offers ''pornography and other sexually oriented materials . . . to its users, including children.'' The group singled out a service called Mac Glamour, an adult forum that, among other things, offers color photos of nude women. The service was promoted on CompuServe's ''What's New'' screen when subscribers connected at the end of March. CompuServe clearly marks the forum as an adult area and gives instructions to users how they can block the service from their computers. Among the controls provided by CompuServe, the main subscriber in a household, who must be an adult, can block access to adult sites from his or her account. The Mississippi group says that isn't sufficient. In a household that hadn't blocked the adult area, the invitation could have been seen and the images viewed by a minor, it said. ''This is exactly the kind of incident that Congress, in drafting the bill, anticipated,'' said Patrick Trueman, director of government affairs for the AFA in Washington. ''The objection we had was that it was available to children. If this isn't prosecutable, I don't know what is.'' CompuServe did not respond to repeated calls seeking comment. But an industry group representing on-line service providers, the Information Services Association, said the letter to Reno was designed to interfere in the pending court case. ''It's clearly a publicity device during an important juncture in the litigation,'' said Bob Smith, the association's executive director. He called the law's language a ''vague and unclear standard that could make a wide range of material, including medical information and certain literature, illegal as well.'' The Justice Department said it had received the letter but wouldn't act on it until the court case is over. The ACLU called the letter an attempt to coerce commercial services to remove otherwise legal adult material from their computers under threat of the large fines and prison terms spelled out in the act. ''This just proves what we've maintained all along: This law, this Communications Decency Act, is going to be a vehicle for the radical religious right to impose its brand of morality on the rest of the country,'' said Barry Steinhardt, associate director of the ACLU. ''They are going after Constitutionally protected images.'' Trueman readily acknowledged that the AFA considers the law too weak, and if the CompuServe case isn't prosecuted, ''it's time for Congress to start from scratch.'' He said on-line services should have to automatically block all adult material from view unless a subscriber specifically requests access to it. But civil libertarians and privacy advocates reject that approach, which is the subject of a New York court case concerning an adult public access cable TV channel. ''It would cause a rather large collection of personal data'' about users of adult services, said David Banisar, policy analyst for the Electronic Privacy Information Center in Washington. ''It would be a particularly explosive list that CompuServe could sell, with all sorts of ramifications.'' =A91996 Mercury Center. ------------------------------ Date: Thu, 21 Mar 1996 22:51:01 CST From: CuD Moderators Subject: File 6--Cu Digest Header Info (unchanged since 7 Apr, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #8.33 ************************************