
Phrack World News XXVI/Part 1



				==Phrack Inc.==

		     Volume Three, Issue 26, File 9 of 11

	    PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
	    PWN 						PWN
	    PWN        P h r a c k   W o r l d	 N e w s	PWN
	    PWN        %%%%%%%%%%%   %%%%%%%%%	 %%%%%%%	PWN
	    PWN 	       Issue XXVI/Part 1		PWN
	    PWN 						PWN
	    PWN 		April 25, 1989			PWN
	    PWN 						PWN
	    PWN 	 Created, Written, and Edited		PWN
	    PWN 	      by Knight Lightning		PWN
	    PWN 						PWN
	    PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN


Welcome to Issue XXVI of Phrack World News.  This issue features articles on
Robert Tappan Morris, ITT, Telenet, PC Pursuit, a hacker's convention in
Holland, government wiretapping, viruses, social security numbers, a rivalry
between two different factions of TAP Magazine and much more.

As we are getting closer to SummerCon '89, it is becoming increasingly
important for us to get an idea of who to be expecting and who we need to
contact to supply with further information.

Since we only communicate directly with a select group of people at this time,
we recommend that you contact Red Knight, Aristotle, or Violence (or other
members of the VOID hackers).  These people will in turn contact us and then we
can get back to you.  Keep in mind that only people who are able to contact us
will be receiving the exact location of SummerCon '89.

Please do not wait till the last minute as important information and changes
can occur at any time.

:Knight Lightning
_______________________________________________________________________________

Cornell Panel Concludes Morris Responsible For Computer Worm	  April 6, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
By Dennis Meredith (Cornell Chronicle)

Graduate student Robert Tappan Morris Jr., working alone, created and spread
the "worm" computer program that infected computers nationwide last November,
concluded an internal investigative commission appointed by Provost Robert
Barker.

The commission said the program was not technically a "virus" -- a program that
inserts itself into a host program to propagate -- as it has been referred to
in popular reports.  The commission described the program as a "worm," an
independent program that propagates itself throughout a computer system.

In its report, "The Computer Worm," the commission termed Morris's behavior "a
juvenile act that ignored the clear potential consequences."  This failure
constituted "reckless disregard of those probable consequences," the commission
stated.

Barker, who had delayed release of the report for six weeks at the request of
both federal prosecutors and Morris's defense attorney, said, "We feel an
overriding obligation to our colleagues and to the public to reveal what we
know about this profoundly disturbing incident."

The commission had sought to determine the involvement of Morris or other
members of the Cornell community in the worm attack.  It also studied the
motivation and ethical issues underlying the release of the worm.

Evidence was gathered by interviewing Cornell faculty, staff, and graduate
students and staff and former students at Harvard University, where Morris had
done undergraduate work.

Morris declined to be interviewed on advice of counsel.  Morris had requested
and has received a leave of absence from Cornell, and the university is
prohibited by federal law from commenting further on his status as a student.

The commission also was unable to reach Paul Graham, a Harvard graduate student
who knew Morris well.  Morris reportedly contacted Graham on November 2, 1988,
the day the worm was released, and several times before and after that.

Relying on files from Morris's computer account, Cornell Computer Science
Department documents, telephone records, media reports, and technical reports
from other universities, the commission found that:

     - Morris violated the Computer Sciences Department's expressed policies
       against computer abuse.  Although he apparently chose not to attend
       orientation meetings at which the policies were explained, Morris had
       been given a copy of them.  Also, Cornell's policies are similar to
       those at Harvard, with which he should have been familiar.

     - No member of the Cornell community knew Morris was working on the worm.
       Although he had discussed computer security with fellow graduate
       students, he did not confide his plans to them.  Cornell first became
       aware of Morris's involvement through a telephone call from the
       Washington Post to the science editor at Cornell's News Service.

     - Morris made only minimal efforts to halt the worm once it had
       propagated, and did not inform any person in a position of
       responsibility about the existence or content of the worm.

     - Morris probably did not intend for the worm to destroy data or files,
       but he probably did intend for it to spread widely.  There is no
       evidence that he intended for the worm to replicate uncontrollably.

     - Media reports that 6,000 computers had been infected were based on an
       initial rough estimate that could not be confirmed.  "The total number
       of affected computers was surely in the thousands," the commission
       concluded.

     - A computer security industry association's estimate that the worm caused
       about $96 million in damage is "grossly exaggerated" and "self-serving."

     - Although it was technically sophisticated, "the worm could have been
       created by many students, graduate or undergraduate ... particularly if
       forearmed with knowledge of the security flaws exploited or of similar
       flaws."

The commission was led by Cornell's vice president for information
technologies, M. Stuart Lynn.  Other members were law professor Theodore
Eisenberg, computer science Professor David Gries, engineering and computer
science Professor Juris Hartmanis, physics professor Donald Holcomb, and
Associate University Counsel Thomas Santoro.

Release of the worm was not "an heroic event that pointed up the weaknesses of
operating systems," the report said.  "The fact that UNIX ... has many security
flaws has been generally well known, as indeed are the potential dangers of
viruses and worms."

The worm attacked only computers that were attached to Internet, a national
research computer network, and that used certain versions of the UNIX operating
system.  An operating system is the basic program that controls the operation
of a computer.

"It is no act of genius or heroism to exploit such weaknesses," the
commission said.

The commission also did not accept arguments that one intended benefit of the
worm was a heightened public awareness of computer security.

"This was an accidental by-product of the event and the resulting display of
media interest," the report asserted.  "Society does not condone burglary on
the grounds that it heightens concern about safety and security."

In characterizing the action, the commission said, "It may simply have been the
unfocused intellectual meandering of a hacker completely absorbed with his
creation and unharnessed by considerations of explicit purpose or potential
effect."

Because the commission was unable to contact Graham, it could not determine
whether Graham discussed the worm with Morris when Morris visited Harvard about
two weeks before the worm was launched.  "It would be interesting to know, for
example, to what Graham was referring to in an Oct. 26 electronic mail message
to Morris when he inquired as to whether there was 'Any news on the brilliant
project?'" said the report.

Many in the computer science community seem to favor disciplinary measures for
Morris, the commission reported.

"However, the general sentiment also seems to be prevalent that such
disciplinary measures should allow for redemption and as such not be so harsh
as to permanently damage the perpetrator's career," the report said.

The commission emphasized that this conclusion was only an impression from its
investigations and not the result of a systematic poll of computer scientists.

"Although the act was reckless and impetuous, it appears to have been an
uncharacteristic act for Morris" because of his past efforts at Harvard and
elsewhere to improve computer security, the commission report said.

Of the need for increased security on research computers, the commission wrote,
"A community of scholars should not have to build walls as high as the sky to
protect a reasonable expectation of privacy, particularly when such walls will
equally impede the free flow of information."

The trust between scholars has yielded benefits to computer science and to the
world at large, the commission report pointed out.

"Violations of that trust cannot be condoned.  Even if there are unintended
side benefits, which is arguable, there is a greater loss to the community
as a whole."

The commission did not suggest any specific changes in the policies of the
Cornell Department of Computer Science and noted that policies against computer
abuse are in place for centralized computer facilities.  However, the
commission urged the appointment of a committee to develop a university-wide
policy on computer abuse that would recognize the pervasive use of computers
distributed throughout the campus.

The commission also noted the "ambivalent attitude towards reporting UNIX
security flaws" among universities and commercial vendors.  While some computer
users advocate reporting flaws, others worry that such information might
highlight the vulnerability of the system.

"Morris explored UNIX security amid this atmosphere of uncertainty, where there
were no clear ground rules and where his peers and mentors gave no clear
guidance," the report said.

"It is hard to fault him for not reporting flaws that he discovered.  From his
viewpoint, that may have been the most responsible course of action, and one
that was supported by his colleagues."

The commission's report also included a brief account of the worm's course
through Internet.  After its release shortly after 7:26 p.m. on November 2,
1988, the worm spread to computers at the Massachusetts Institute of
Technology, the Rand Corporation, the University of California at Berkeley and
others, the commission report said.

The worm consisted of two parts -- a short "probe" and a much larger "corpus."
The probe would attempt to penetrate a computer, and if successful, send for
the corpus.

The program had four main methods of attack and several methods of defense to
avoid discovery and elimination.  The attack methods exploited various flaws
and features in the UNIX operating systems of the target computers.  The worm
also attempted entry by "guessing" at passwords by such techniques as
exploiting computer users' predilections for using common words as passwords.

The study's authors acknowledged computer scientists at the University of
California at Berkeley for providing a "decompiled" version of the worm and
other technical information.  The Cornell commission also drew on analyses of
the worm by Eugene H. Spafford of Purdue University and Donn Seeley of the
University of Utah.
_______________________________________________________________________________

People Vs. ITT Communications Services, Inc.			 March 29, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
       NOTICE OF CLASS ACTION AND PROPOSED SETTLEMENT TO CERTAIN CURRENT
       AND FORMER CUSTOMERS OF UNITED STATES TRANSMISSION SYSTEMS, INC.
	       (NOW KNOWN AS ITT COMMUNICATIONS SERVICES, INC.)

By order of the United States District Court for the Eastern District of
Michigan, PLEASE TAKE NOTICE THAT:

A class action lawsuit has been filed on behalf of certain former and current
customers against United States Transmission Systems, Inc., now known as ITT
Communications Services, Inc., hereinafter referred to as "USTS."  The Court
has preliminarily approved a settlement of this lawsuit.

YOU ARE URGED TO READ THIS NOTICE CAREFULLY BECAUSE IT AFFECTS YOUR RIGHTS AND
WILL BE BINDING ON YOU IN THE FUTURE.

I. NOTICE OF A PENDING CLASS ACTION

A. Description of the Lawsuit

   Plaintiffs have sued USTS, alleging that USTS charged customers for certain
   unanswered phone calls, holding time, busy signals, and central office
   recorded messages, hereinafter referred to as "unanswered calls," without
   adequately disclosing such charges to their customers or the public.
   Plaintiffs seek to present their own claims for charges for unanswered
   calls, as well as the claims of other current and former USTS customers for
   similar charges.

   USTS denies the violations alleged by plaintiffs, and contends that at all
   times, USTS has charged its subscribers fairly and properly and has
   disclosed fully and fairly the basis for its long distance charges.  USTS
   has agreed to settle plaintiff's suit solely to avoid the expense,
   inconvenience and disruption of further litigation.

   This notice is not an expression of any opinion by the Court of the merits
   of this litigation or of the Settlement Agreement.  The Complaint, the
   Settlement Agreement and other pleadings in this case may be inspected
   during normal business hours at the office of the Clerk of the United States
   District Court for the Eastern District of Michigan, 231 West Lafayette
   Boulevard, Detroit, MI 48226.

B. The Settlement Class

   Plaintiffs and USTS have entered into a Settlement Agreement, which has been
   preliminarily approved by the Court.  Under the terms of the Settlement
   Agreement, the parties have agreed, for purposes of settlement only, that
   this suit has been brought on behalf of the following class of persons
   similarly situated to Plaintiffs, hereinafter known as "the Class":

   All persons and entities that subscribed to and utilized the long distance
   telephone service of USTS or its predecessor ITT Corporate Communication
   Services, Inc., referred to collectively hereinafter as "USTS," at any time
   during the period January 1, 1979 through December 31, 1985.

C. How to Remain a Class Member

   If you were a subscriber to and utilized USTS' long distance service at any
   time during this period, you are a member of the Class.  You need do nothing
   to remain a member of the Class and participate in the benefits this
   settlement will provide.  If you remain in the Class, you will be bound by
   the results of the settlement and/or the lawsuit.

D. How to Exclude Yourself From the Class

   You are not required to be a member of the Class.  Should you decide that
   you do not want to be a member of the Class, you must send an Exclusion
   Notice that states your name, your current address, and your desire to be
   excluded from the Class to the Clerk of the United States District Court for
   the Eastern District of Michigan at the address given at the end of this
   Notice, postmarked no later than April 20, 1989.  If you choose to be
   excluded from the Class, you may not participate in the settlement.  You
   will not, however, be bound by any judgment dismissing this action and you
   will be free to pursue on your own behalf any legal rights you may have.


 II. TERMS OF THE SETTLEMENT

    The Settlement Agreement requires USTS to provide to Class members up to
    750,000 minutes of long distance telephone credits having a maximum value,
    at 30 cents per minute, of $225,000, hereinafter known as the "Settlement
    Credits," and cash refunds up to a maximum of $50,000.  These benefits are
    available to Class members who file a proof of claim in a timely manner as
    described in Section III below.  Class members may choose one benefit from
    the following options:

    A. A *standardized credit* toward USTS long distance telephone service of
       $1.50 for each year from 1979 through 1985 in which the Class member (i)
       was a USTS customer, and (ii) claims that s/he was charged by USTS for
       unanswered calls; or

    B. A *standardized cash refund* of 90 cents for each year from 1979 through
       1985 in which the Class member (i) was a USTS customer and (ii)
       claims that s/he was charged by USTS for unanswered calls; or,

    C. An *itemized credit* toward USTS long distance service of 30 cents for
       each minute of unanswered calls for which the Class member was charged
       during the Class period (January 1, 1979 through December 31, 1985) and
       for which the Class member has not been previously reimbursed or
       credited; or,

    D. An *itemized cash refund* of 30 cents for each minute of unanswered
       calls for which the Class member was charged during the Class period
       (January 1, 1979 through December 31, 1985) and for which the Class
       member has not been previously reimbursed or credited.

    To obtain an *itemized* credit or cash refund, the Class member must
    itemize and attest to each unanswered call for which a refund or credit
    is claimed.  If the total credits claimed by Class members exceed 750,000
    credit minutes, each Class member claiming Settlement Credits will receive
    his/her/its pro rata share of the total Settlement Credits available.

    Class members need not be current USTS customers to claim the standardized
    and itemized credits.  USTS will automatically open an account for any
    Class member who requests credits and executes an authorization to open
    such an account.  If a Class member incurs a local telephone company
    service charge in connection with the opening of a USTS account, USTS will
    issue a credit to the Class member's account for the full amount of such
    service charge upon receipt of the local telephone company's bill for the
    service charge.  USTS is not responsible for any other service charge that
    a local telephone company may impose for ordering, using or terminating
    USTS service.

    The Settlement Agreement requires USTS to pay the costs of giving this
    Notice (up to a maximum of $120,000) and of administering the settlement
    described above.

    The Settlement Agreement further provides that upon final approval of the
    settlement, the Court will enter a judgment dismissing with prejudice all
    claims of plaintiffs and members of the Class that have been or might have
    been asserted in this action and that relate to USTS' billing practices and
    disclosure practices for unanswered calls.

    Counsel for the Class have investigated the facts and circumstances
    regarding the claims against USTS and their defenses.  In view of those
    circumstances, counsel for the Class have concluded that this Settlement
    Agreement is fair and reasonable, and in the best interests of the Class.


III. HOW TO FILE A CLAIM

    To receive Settlement Credits or a Cash Refund, you must first obtain a
    Proof of Claim Notice; then provide all the information requested and
    return it to the Clerk of the Court postmarked no later than June 30, 1989.


To obtain claim forms:			    To file completed claim form:

USTS Class Action Claim Administrator	    Clerk of the United States Court
ITT Communication Services, Inc.	    ATTN: USTS Settlement
100 Plaza Drive 			    231 W. Lafayette Blvd. Room 740
Secaucus, NJ 07096			    Detroit, MI 48226

If you have any further questions about this Notice, or the filing of Proof of
Claim, *write* to the USTS Action Claim Administrator at the above address.  If
you have any questions about this lawsuit or your participation therein as a
member of the Class, *write* to lead counsel for plaintiffs --

Sachnoff Weaver & Rubenstein, Ltd.
ATTN: USTS Settlement
30 South Wacker Drive, Suite 2900
Chicago, IL 60606

Always consult your own attorney for legal advice and questions which concern
you about your rights in any class action matter.

DO NOT telephone the Court.

DO NOT telephone the attorneys for plaintiff.

DO NOT telephone the Claims Administrator, any office of USTS or any of its
       employees.

DO NOT telephone any Telephone Company asking for information on this matter.
       Only *written* correspondence filed in a timely manner will be considered
       by the Court.
_______________________________________________________________________________

Telenet Announces New PC Pursuit Terms				  April 9, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Earlier this year, Telenet announced new terms for the PC Pursuit program,
which placed time limits on the use of the service, and set new rates for
usage of the service.

	       ***** Most of the deal has been called OFF *****

In a letter dated March 29, 1989, Floyd H. Trogdon, Vice President and
General Manager of Network Services, announced several revisions in the earlier
plans.  His latest letter supersedes all previous memos and usage agreements,
and becomes effective July 1, 1989.

There will be THREE membership plans:

     o	REGULAR membership will be $30 per month for up to 30 hours of
	non-prime time (evenings and weekend) use.  This can be used by the
	subscriber only.  No others allowed to use it.

     o	FAMILY membership will be $50 per month for up to 60 hours of non-prime
	time (evenings and weekend) use.  This can be used by the subscriber
	and any immediate family members in the same household.  If a single
	person expected to use more than 30 hours per month, s/he would still
	buy this "family" plan, even if the entire "family" consisted of just
	one person.

     o	HANDICAPPED membership will be $30 per month for up to 90 hours of
	non-prime time (evening and weekend) use.  To qualify for these terms,
	proof of physical handicap must be provided.  Ask Telenet for the exact
	terms.

EXCESS HOURS over 30 (or 60/90) per month during non-prime time hours will be
billed at $3.00 per hour.  This is a decrease from the earlier proposed charge
of $4.50 per hour.

PRIME-TIME USAGE will be billed at $10.50 per hour, regardless of how much time
may be remaining on the PCP membership plan.

The billing will be in arrears each month.  That is, the July usage will be
billed in August, etc.  Call detail will be automatically provided to any
subscriber going over thirty hours per month.

GRACE PERIOD/FORGIVENESS:  All calls will be given a one minute grace period
for the purpose of establishing the connection.  There will never be a charge
for calls lasting one minute or less.  If you disconnect promptly when you see
that your call will not complete for whatever reason, there will be no charge.

There will be a two minute minimum on all connections (after the first minute
has passed).  Otherwise, times will be rounded to the *nearest* minute for
billing purposes.

NEW PASSWORDS AND USER I.D.'s FOR EVERYONE:  During April, 1989, all current
subscribers to PC Pursuit will be issued new passwords and new user identities.
On May 1, 1989, all existing passwords and ID's will be killed.

New users after July 1, 1989 will pay $30 to set up an account.  Password
changes will be $5.00.  *Existing* users will never have to pay a fee to adjust
their account upward or downward from regular <==> family plans.  Call detail
will be provided in June, 1989 to users with more than 30 hours of usage to
help them determine which plan they should use; however there will be no charge
for extra hours until July.

Because of the confusion and lack of good communication between Telenet and its
users over the past few months, the official change in terms from unlimited use
to measured use has been postponed from its original starting date in June to
July 1.

These are just excerpts from the letter to subscribers posted on the Net
Exchange BBS.  If you subscribe to PC Pursuit, I recommend you sign on and read
the full memo, along with the accompanying Terms and Conditions and price
schedules.

Remember, any changes you may have made in February/March in anticipation of
the changeover originally planned for May/June are now void.  Telenet has
stated all users will be defaulted to REGULAR memberships effective July 1
unless they specifically make changes to this during the months of May and
June.

		   Telenet Customer Service:  1-800-336-0437
		   Telenet Telemarketing:     1-800-TELENET

Sign up via modem with credit card number handy:  1-800-835-3001.

To read the full bulletins, log onto Net Exchange by calling into your local
Telenet switcher and connecting to  '@pursuit'.
_______________________________________________________________________________
