TUCoPS :: General Information :: sundevil.txt

2600 Magazine's perspective on Sun Devil etc.

 A year ago, we told the stories of Kevin Mitnick and Herbert Zinn,
 two hackers who had been sent to prison. It was then, and still is today,
 a very disturbing chain of events: mischief makers and explorers imprisoned
 for playing with the wrong toys and for asking too many questions. We said
 at the time that it was important for all hackers to stand up to such gross
 injustices. After all, they couldn't lock us all up.
 It now appears that such an endeavor may indeed be on the agendas of
 some very powerful U.S. governmental agencies. And even more
 frightening is the realization that these agencies don't particularly
 care who or what gets swept up along with the hackers, as long as all
 of the hackers get swept up. Apparently, we're considered even more of
 a threat than we had previously supposed.
 In retrospect, this doesn't come as a great deal of a surprise. In
 fact, it now seems to make all too much sense. You no longer have to be
 paranoid or of a particular political mindset to point to the many
 parallels that we've all been witnesses to. Censorship, clampdowns,
 "voluntary" urine tests, lie detectors, handwriting analysis,
 surveillance cameras, exaggerated crises that invariably lead to
 curtailed freedoms.... All of this together with the overall view that
 if you're innocent, you've got nothing to hide. And all made so much
 more effective through the magic of high tech. Who would you target as
 the biggest potential roadblock if not the people who understand the
 technology at work? It appears the biggest threats to the system are
 those capable of manipulating it.
 What we're about to tell you is frightening, plain and simple. You
 don't have to be a hacker to understand this. The words and ideas are
 easily translatable to any time and any culture.
 "We can now expect a crackdown...I just hope that I can pull through
 this one and that my friends can also. This is the time to watch
 yourself. No matter what you are into.... Apparently the government has
 seen the last straw in their point of view.... I think they are going
 after all the 'teachers'...and so that is where their energies will be
 put: to stop all hackers, and stop people before they can become
 This was one of the reactions on a computer bulletin board to a series
 of raids on hackers, raids that had started in 1989 and spread rapidly
 into early 1990. Atlanta, St. Louis, and New York were major targets in
 what was then an undetermined investigation.  This in itself wouldn't
 have been especially alarming, since raids on hackers can almost be
 defined as commonplace. But this one was different. For the very first
 time, a hacker newsletter had also been shut down.
 Phrack was an electronic newsletter published out of St. Louis and
 distributed worldwide. It dealt with hacker and phone phreak matters
 and could be found on nearly all hacker bulletin boards. While dealing
 with sensitive material, the editors were very careful not to publish
 anything illegal (credit card numbers, passwords, Sprint codes, etc.).
 We described "Phrack World News" (a regular column of Phrack) in our
 Summer 1989 edition as "a must-read for many hackers". In many ways
 Phrack resembled 2600, with the exception of being sent via electronic
 mail instead of U.S. Mail. That distinction would prove to be Phrack's
 It now turns out that all incoming and outgoing electronic mail used by
 Phrack was being monitored by the authorities. Every piece of mail
 going in and every piece of mail coming out. These were not pirated
 mailboxes that were being used by a couple of hackers. These had been
 obtained legally through the school the two Phrack editors were
 attending. Privacy on such mailboxes, though not guaranteed, could
 always be assumed. Never again.
 It's fairly obvious that none of this would have happened, none of this
 could have happened had Phrack been a non-electronic magazine. A
 printed magazine would not be intimidated into giving up its mailing
 list as Phrack was. Had a printed magazine been shut down in this
 fashion after having all of their mail opened and read, even the most
 thick-headed sensationalist media types would have caught on: hey,
 isn't that a violation of the First Amendment?
 Those media people who understood what was happening and saw the
 implications were very quickly drowned out in the hysteria that
 followed. Indictments were being handed out. Publisher/editor Craig
 Neidorf, known in the hacker world as Knight Lightning, was hit with a
 seven count indictment accusing him of participating in a scheme to
 steal information about the enhanced 911 system run by Bell South.
 Quickly, headlines screamed that hackers had broken into the 911 system
 and were interfering with emergency telephone calls to the police. One
 newspaper report said there were no indications that anyone had died or
 been injured as a result of the intrusions. What a relief. Too bad it
 wasn't true.
 In actuality there have been very grievous injuries suffered as a
 result of these intrusions. The intrusions we're referring to are those
 of the government and the media. The injuries have been suffered by the
 defendants who will have great difficulty resuming normal lives even if
 all of this is forgotten tomorrow.
 And if it's not forgotten, Craig Neidorf could go to jail for more than
 30 years and be fined $122,000. And for what? Let's look at the
 "It was... part of the scheme that defendant Neidorf, utilizing a
 computer at the University of Missouri in Columbia, Missouri would and
 did receive a copy of the stolen E911 text file from defendant [Robert
 J.] Riggs [located in Atlanta and known in the hacker world as Prophet]
 through the Lockport [Illinois] computer bulletin board system through
 the use of an interstate computer data network.
 "It was further part of the scheme that defendant Neidorf would and did
 edit and retype the E911 Practice text file at the request of the
 defendant Riggs in order to conceal the source of the E911 Practice
 text file and to prepare it for publication in a computer hacker
 "It was further part of the scheme that defendant Neidorf would and did
 transfer the stolen E911 Practice text file through the use of an
 interstate computer bulletin board system used by defendant Riggs in
 Lockport, Illinois.
 "It was further part of the scheme that the defendants Riggs and
 Neidorf would publish information to other computer hackers which could
 be used to gain unauthorized access to emergency 911 computer systems
 in the United States and thereby disrupt or halt 911 service in
 portions of the United States."
 Basically, Neidorf is being charged with receiving a stolen document.
 There is nothing anywhere in the indictment that even suggests he
 entered any computer illegally. So his crimes are receiving, editing,
 and transmitting.
 Now what is contained in this document? Information about how to gain
 unauthorized access to, disrupt, or halt 911 service? Hardly. The
 document (erroneously referred to as "911 software" by the media which
 caused all kinds of misunderstandings) is quoted in Phrack Volume 2,
 Number 24 and makes for one of the dullest articles ever to appear in
 the newsletter. According to the indictment, the value of this 20k
 document is $79,449. [See story that follows this one]
 Shortly after the indictments were handed down, a member of the Legion
 of Doom known as Erik Bloodaxe issued a public statement. "[A group of
 three hackers] ended up pulling files off [a Southern Bell system] for
 them to look at. This is usually standard procedure: you get on a
 system, look around for interesting text, buffer it, and maybe print it
 out for posterity. No member of LOD has ever (to my knowledge) broken
 into another system and used any information gained from it for
 personal gain of any kind...with the exception of maybe a big boost in
 his reputation around the underground. [A hacker] took the
 documentation to the system and wrote a file about it. There are
 actually two files, one is an overview, the other is a glossary. The
 information is hardly something anyone could possibly gain anything
 from except knowledge about how a certain aspect of the telephone
 company works."
 He went on to say that Neidorf would have had no way of knowing whether
 or not the file contained proprietary information.
 Prosecutors refused to say how hackers could benefit from the
 information, nor would they cite a motive or reveal any actual damage.
 In addition, it's widely speculated that much of this information is
 readily available as reference material.
 In all of the indictments, the Legion of Doom is defined as "a closely
 knit group of computer hackers involved in: a) disrupting
 telecommunications by entering computerized telephone switches and
 changing the routing on the circuits of the computerized switches; b)
 stealing proprietary computer source code and information from
 companies and individuals that owned the code and information; c)
 stealing and modifying credit information on individuals maintained in
 credit bureau computers; d) fraudulently obtaining money and property
 from companies by altering the computerized information used by the
 companies; e) disseminating information with respect to their methods
 of attacking computers to other computer hackers in an effort to avoid
 the focus of law enforcement agencies and telecommunication security
 Ironically, since the Legion of Doom isn't a closely knit group, it's
 unlikely that anyone will be able to defend the group's name against
 these charges -- any defendants will naturally be preoccupied with
 their own defenses. (Incidentally, Neidorf was not a part of the Legion
 of Doom, nor was Phrack a publication of LOD, as has been reported.)
 The Hunt Intensifies
 After learning of the Phrack electronic mail surveillance, one of the
 system operators of The Phoenix Project, a computer bulletin board in
 Austin, Texas, decided to take action to protect the privacy of his
 users. "I will be adding a secure encryption routine into the e-mail in
 the next 2 weeks - I haven't decided exactly how to implement it, but
 it'll let two people exchange mail encrypted by a password only known
 to the two of them.... Anyway, I do not think I am due to be busted...I
 don't do anything but run a board. Still, there is that possibility. I
 assume that my lines are all tapped until proven otherwise. There is
 some question to the wisdom of leaving the board up at all, but I have
 personally phoned several government investigators and invited them to
 join us here on the board. If I begin to feel that the board is putting
 me in any kind of danger, I'll pull it down with no notice - I hope
 everyone understands. It looks like it's sweeps-time again for the
 feds. Let's hope all of us are still around in 6 months to talk about
 The new security was never implemented. The Phoenix Project was seized
 within days.
 And the clampdown intensified still further. On March 1, the offices of
 Steve Jackson Games, a publishing company in Austin, were raided by the
 Secret Service. According to the Associated Press, the home of the
 managing editor was also searched. The police and Secret Service seized
 books, manuals, computers, technical equipment, and other documents.
 Agents also seized the final draft of a science fiction game written by
 the company. According to the Austin American-Statesman, the
 authorities were trying to determine whether the game was being used as
 a handbook for computer crime.
 Callers to the Illuminati bulletin board (run by Steve Jackson Games),
 received the following message:
 "Before the start of work on March 1, Steve Jackson Games was visited
 by agents of the United States Secret Service. They searched the
 building thoroughly, tore open several boxes in the warehouse, broke a
 few locks, and damaged a couple of filing cabinets (which we would
 gladly have let them examine, had they let us into the building),
 answered the phone discourteously at best, and confiscated some
 computer equipment, including the computer that the BBS was running on
 at the time.
 "So far we have not received a clear explanation of what the Secret
 Service was looking for, what they expected to find, or much of
 anything else. We are fairly certain that Steve Jackson Games is not
 the target of whatever investigation is being conducted; in any case,
 we have done nothing illegal and have nothing whatsoever to hide.
 However, the equipment that was seized is apparently considered to be
 evidence in whatever they're investigating, so we aren't likely to get
 it back any time soon. It could be a month, it could be never.
 "To minimize the possibility that this system will be confiscated as
 well, we have set it up to display this bulletin, and that's all. There
 is no message base at present. We apologize for the inconvenience, and
 we wish we dared do more than this."
 Apparently, one of the system operators of The Phoenix Project was also
 affiliated with Steve Jackson Games. And that was all the authorities
 Raids continued throughout the country with reports of more than a
 dozen bulletin boards being shut down. In Atlanta, the papers reported
 that three local LOD hackers faced 40 years in prison and a $2 million
 Another statement from a Legion of Doom member (The Mentor, also a
 system operator of The Phoenix Project) attempted to explain the
 "LOD was formed to bring together the best minds from the computer
 underground - not to do any damage or for personal profit, but to share
 experiences and discuss computing. The group has always maintained the
 highest ethical standards.... On many occasions, we have acted to
 prevent abuse of systems.... I have known the people involved in this
 911 case for many years, and there was absolutely no intent to
 interfere with or molest the 911 system in any manner. While we have
 occasionally entered a computer that we weren't supposed to be in, it
 is grounds for expulsion from the group and social ostracism to do any
 damage to a system or to attempt to commit fraud for personal profit.
 "The biggest crime that has been committed is that of curiosity.... We
 have been instrumental in closing many security holes in the past, and
 had hoped to continue to do so in the future. The list of computer
 security people who count us as allies is long, but must remain
 anonymous. If any of them choose to identify themselves, we would
 appreciate the support."
 And The Plot Thickens
 Meanwhile, in Lockport, Illinois, a strange tale was unfolding. The
 public UNIX system known as Jolnet that had been used to transmit the
 911 files had also been seized. What's particularly odd here is that,
 according to the electronic newsletter Telecom Digest, the system
 operator, Rich Andrews, had been cooperating with federal authorities
 for over a year. Andrews found the files on his system nearly two years
 ago, forwarded them to AT&T, and was subsequently contacted by the
 authorities. He cooperated fully. Why, then, was his system seized as
 well? Andrews claimed it was all part of the investigation, but added,
 "One way to get [hackers] is by shutting down the sites they use to
 distribute stuff."
 The Jolnet raid caused outrage in the bulletin board world,
 particularly among administrators and users of public UNIX systems.
 Cliff Figallo, system administrator for The Well, a public UNIX system
 in California, voiced his concern. "The assumption that federal agents
 can seize a system owner's equipment as evidence in spite of the
 owner's lack of proven involvement in the alleged illegal activities
 (and regardless of the possibility that the system is part of the
 owner's livelihood) is scary to me and should be to anyone responsible
 for running a system such as this."
 Here is a sampling of some of the comments seen around the country
 after the Jolnet seizure:
 "As administrator for Zygot, should I start reading my users' mail to
 make sure they aren't saying anything naughty? Should I snoop through
 all the files to make sure everyone is being good? This whole affair is
 rather chilling."
 "From what I have noted with respect to Jolnet, there was a serious
 crime committed there -- by the [federal authorities]. If they busted a
 system with email on it, the Electronic Communication Privacy Act comes
 into play. Everyone who had email dated less than 180 days old on the
 system is entitled to sue each of the people involved in the seizure
 for at least $1,000 plus legal fees and court costs. Unless, of course,
 the [authorities] did it by the book, and got warrants to interfere
 with the email of all who had accounts on the systems. If they did,
 there are strict limits on how long they have to inform the users."
 "Intimidation, threats, disruption of work and school, 'hit lists', and
 serious legal charges are all part of the tactics being used in this
 'witch-hunt'. That ought to indicate that perhaps the use of pseudonyms
 wasn't such a bad idea after all."
 "There are civil rights and civil liberties issues here that have yet
 to be addressed. And they probably won't even be raised so long as
 everyone acts on the assumption that all hackers are criminals and
 vandals and need to be squashed, at whatever cost...."
 "I am disturbed, on principle, at the conduct of at least some of the
 federal investigations now going on. I know several people who've taken
 their systems out of public access just because they can't risk the
 seizure of their equipment (as evidence or for any other reason). If
 you're a Usenet site, you may receive megabytes of new data every day,
 but you have no common carrier protection in the event that someone
 puts illegal information onto the Net and thence into your system."
 Increased Restrictions
 But despite the outpourings of concern for what had happened, many
 system administrators and bulletin board operators felt compelled to
 tighten the control of their systems and to make free speech a little
 more difficult, for their own protection.
 Bill Kuykendall, system administrator for The Point, a public UNIX
 system in Chicago, made the following announcement to the users of his
 "Today, there is no law or precedent which affords me... the same legal
 rights that other common carriers have against prosecution should some
 other party (you) use my property (The Point) for illegal activities.
 That worries me....
 "I fully intend to explore the legal questions raised here. In my
 opinion, the rights to free assembly and free speech would be
 threatened if the owners of public meeting places were charged with the
 responsibility of policing all conversations held in the hallways and
 lavatories of their facilities for references to illegal activities.
 "Under such laws, all privately owned meeting places would be forced
 out of existence, and the right to meet and speak freely would vanish
 with them. The common sense of this reasoning has not yet been applied
 to electronic meeting places by the legislature. This issue must be
 forced, or electronic bulletin boards will cease to exist.
 "In the meantime, I intend to continue to operate The Point with as
 little risk to myself as possible. Therefore, I am implementing a few
 new policies:
 "No user will be allowed to post any message, public or private, until
 his name and address has been adequately verified. Most users in the
 metropolitan Chicago area have already been validated through the
 telephone number directory service provided by Illinois Bell. Those of
 you who received validation notices stating that your information had
 not been checked due to a lack of time on my part will now have to wait
 until I get time before being allowed to post.
 "Out of state addresses cannot be validated in the manner above.... The
 short term solution for users outside the Chicago area is to find a
 system closer to home than The Point.
 "Some of the planned enhancements to The Point are simply not going to
 happen until the legal issues are resolved. There will be no shell
 access and no file upload/download facility for now.
 "My apologies to all who feel inconvenienced by these policies, but
 under the circumstances, I think your complaints would be most
 effective if made to your state and federal legislators. Please do so!"
 These restrictions were echoed on other large systems, while a number
 of smaller hacker bulletin boards disappeared altogether. We've been
 told by some in the hacker world that this is only a phase, that the
 hacker boards will be back and that users will once again be able to
 speak without having their words and identities "registered". But
 there's also a nagging suspicion, the feeling that something is very
 different now. A publication has been shut down. Hundreds, if not
 thousands, of names have been seized from mailing lists and will, no
 doubt, be investigated. The facts in the 911 story have been twisted
 and misrepresented beyond recognition, thanks to ignorance and
 sensationalism. People and organizations that have had contact with any
 of the suspects are open to investigation themselves. And, around the
 country, computer operators and users are becoming more paranoid and
 less willing to allow free speech. In the face of all of this, the
 belief that democracy will triumph in the end seems hopelessly naive.
 Yet, it's something we dare not stop believing in. Mere faith in the
 system, however, is not enough.
 We hope that someday we'll be able to laugh at the absurdities of
 today. But, for now, let's concentrate on the facts and make sure they
 stay in the forefront.
 ==> Were there break-ins involving the E911 system? If so, the entire
 story must be revealed. How did the hackers get in? What did they have
 access to? What could they have done? What did they actually do? Any
 security holes that were revealed should already have been closed. If
 there are more, why do they still exist? Could the original holes have
 been closed earlier and, if so, why weren't they? Any hacker who caused
 damage to the system should be held accountable. Period. Almost every
 hacker around seems to agree with this. So what is the problem? The
 glaring fact that there doesn't appear to have been any actual damage.
 Just the usual assortment of gaping security holes that never seem to
 get fixed. Shoddiness in design is something that shouldn't be
 overlooked in a system as important as E911. Yet that aspect of the
 case is being side-stepped. Putting the blame on the hackers for
 finding the flaws is another way of saying the flaws should remain
 ==> Under no circumstance should the Phrack newsletter or any of its
 editors be held as criminals for printing material leaked to them.
 Every publication of any value has had documents given to them that
 were not originally intended for public consumption. That's how news
 stories are made. Shutting down Phrack sends a very ominous message to
 publishers and editors across the nation.
 ==> Finally, the privacy of computer users must be respected by the
 government. It's ironic that hackers are portrayed as the ones who
 break into systems, read private mail, and screw up innocent people.
 Yet it's the federal authorities who seem to have carte blanche in that
 department. Just what did the Secret Service do on these computer
 systems? What did they gain access to? Whose mail did they read? And
 what allowed them to do this?
 Take Exception
 It's very easy to throw up your hands and say it's all too much. But
 the facts indicate to us that we've come face to face with a very
 critical moment in history. What comes out of this could be a
 trend-setting precedent, not only for computer users, but for the free
 press and every citizen of the United States. Complacency at this stage
 will be most detrimental.
 We also realize that one of the quickest ways of losing credibility is
 to be shrill and conspiracy-minded. We hope we're not coming across in
 this way because we truly believe there is a significant threat here.
 If Phrack is successfully shut down and its editors sent to prison for
 writing an article, 2600 could easily be next. And so could scores of
 other publications whose existence ruffles some feathers. We cannot
 allow this to happen.
 In the past, we've called for people to spread the word on various
 issues. More times than not, the results have been felt. Never has it
 been more important than now. To be silent at this stage is to accept a
 very grim and dark future.
 Documentation on the E911 System
 March 1988
 $79,449, 6 pages
 Bell South Standard Practice 
 Review by Emmanuel Goldstein
 It otherwise would have been a quickly forgotten text published in a hacker
 newsletter. But due to all of the commotion, the Bell South E911 document is
 now very much in the public eye. Copies are extremely easy to come by, despite
 Bell South's assertion that the whole thing is worth $79,449.
 While we can't publish the actual document, we can report on its contents
 it's become a news story in itself. But don't get excited. There really isn't
 all that much here.
 Certain acronyms are introduced, among them Public Safety Answering
 Point (PSAP), also known as Emergency Service Bureau (ESB). This is
 what you get (in telco lingo) when you dial 911. The importance of
 close coordination between these agencies is stressed. Selective
 routing allows the 911 call to be routed to the proper PSAP. The 1A ESS
 is used as the tandem office for this routing. Certain services made
 available with E911 include Forced Disconnect, Alternative Routing,
 Selective Routing, Selective Transfer, Default Routing, Night Service,
 Automatic Number Identification, and Automatic Location Identification.
 We learn of the existence of the E911 Implementation Team, the brave
 men and women from Network Marketing who help with configuration in the
 difficult cutover period. This team is in charge of forming an ongoing
 maintenance subcommittee. We wouldn't want that juicy tidbit to get
 out, now would we?
 We learn that the Switching Control Center (SCC) "is responsible for
 E911/1AESS translations in tandem central offices". We're not exactly
 shocked by this revelation.
 We also find out what is considered a "priority one" trouble report.
 Any link down to the PSAP fits this definition. We also learn that when
 ANI fails, the screens will display all zeroes.
 We could go on but we really don't want to bore you. None of this
 information would allow a hacker to gain access to such a system. All
 it affords is a chance to understand the administrative functions a
 little better. We'd like to assume that any outside interference to a
 911 system is impossible. Does Bell South know otherwise? In light of
 their touchiness on the matter, we have to wonder.
 We'd be most interested in hearing from people with more technical
 knowledge on the subject. What does this whole escapade tell us? Please
 write or call so the facts can be brought forward.
 MAIL TO 2600@well.sf.ca.us OR 2600 EDITORIAL DEPARTMENT, P.O. BOX 99, MIDDLE
 (516) 751-2600 (VOICE/MACHINE) OR (516) 751-2608 (FAX).

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH