|
Opening the Kimono too Far (by Mark Seiden), Which
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
****************************************************************************
>C O M P U T E R U N D E R G R O U N D<
>D I G E S T<
*** Volume 1, Issue #1.01 (March 31, 1990) **
****************************************************************************
MODERATORS: Jim Thomas / Gordon Meyer
REPLY TO: [email protected]
SUBSCRIBE TO: INTERNET:[email protected]@UICVM.uic.edu
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.
--------------------------------------------------------------------
DISCLAIMER: The views represented herein do not necessarily represent the
views of the moderators. Contributors assume all responsibility
for assuring that articles submitted do not violate copyright
protections.
--------------------------------------------------------------------
This is a short issue to double check the address list. Some addresses
returned the first issue of 1,200 lines because of length. If you receive
this, but did not receive the first issue, let us know and we will re-send
it. If length is a problem, let us know. We will try to keep the file
length to about 1,000 lines, but we have been informed that some notes
reject anything over 450-500. As a rule of thumb, every 100 lines
constitutes about 6 K, so if you are restricted by file size, send along
your limits.
We also remind people that in the "TK0" response, that's a ZERO,
not an "OH"!
If people send enough material, we will try to put out an issue every few
weeks. For space purposes, we will ask that signatures be kept brief and
that that formatting be at least 65 characters per line.
The feedback on the first issue was generally positive. We would like to
hear from readers regarding the types of articles you would like to see.
Content will be determined primarily by the contributions, and we
especially encourage public domain news articles. We caution all
contributors to assure no copyright violations occur. We have already been
involved in a minor squabble with the AUSTIN-AMERICAN STATESMAN (see file
3, this issue).
In a recent mail test, we accidentally send out a preliminary mailing list
due to a glitch in our auto-mailing file. This has been corrected. We
consider the names and addresses on this list strictly confidential, and
although the digest is open to all receivers and contributors, the mailing
list is NOT! Mark Seiden (among others) quickly responded. We reprint his
thoughtful observations in File 1, and accept his invitation to respond in
File 2.
There have been requests for back issues of various magazines and
journals of the computer underground. We believe that many of these
provide a historical archive for those who desire to chronicle the
growth and maturity of various groups, or who are interested in
these files for social science research as documents of a particular
societal subculture. A number of people have suggested that we
serve as a clearing house for such documents. Because there has
been no indication that any of the documents are illegal, and
because law enforcement agencies have not objected on LEGAL GROUNDS
to any of these documents publicly or--to our knowledge--privately,
we assume they are acceptable for distribution.
Currently available are:
PHRACK (issues 1-30)
LoD/H (issues 1-4)
We are missing files 10-14 of LoD/H issue #1. Perhaps
somebody could pass them along.
P/Hun (issues 1-3)
PIRATE Magazine (issues 1-5)
ATI (issues 1-44; we are missing issues #4 and #10. Could somebody
send these over?)
And other lesser digests and journals. We will also maintain
back issues of CuD.
We stress that possession and/or distribution of these documents
*IN NO WAY* constitutes support or encouragement of any activities
describes therein. However, we strongly believe that they should
be available for those interested in fully understanding the
computer underground subculture.
IN THIS ISSUE:
File 1: "Opening the Kimono too Far" (by Mark Seiden)
File 2: "Which Witch Hunt?" (Editorial response)
File 3: CuD's First Copyright Squabble--THE AUSTIN-AMERICAN STATESMAN
File 4: Satirical article from PHRACK 29, phile 7 (reprint)
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
******************************************************************
*** Computer Underground Digest / Issue 1.01 - File 1 of 4 ***
******************************************************************
From: [email protected](Mark Seiden)
Message-Id: <[email protected]>
To: uunet!UICVM.uic.edu!TK0JUT2%[email protected]
Subject: opening the kimono a bit too far?
Cc: [email protected]
Greetings, 'ackologists and -osophists...
You may have noticed that in the process of setting up the BITNET mailing
list for CuD [Computer Underground Digest] our Lord of Hosts [Jim Thomas]
somehow managed to send out to everybody a test transmission containing the
email address of *everybody* on the mailing list.
This set off my "right to privacy/paranoia" detector, prompting a note to
him saying "Isn't it nice now that you've told the FBI who we all are"
whereupon he revealed that, indeed, the list contains "everything from law
enforcement on one end to at least one LoD [Legion of Doom] member on the
other." What a pleasant rainbow effect that conjured up...
Consider the DEA officials who have (reportedly) been convincing
advertisers selling Gro-lites in (among other publications) "High Times" to
turn over their customer lists. Legend has it that the Orchid Societies are
up in arms over flak-jacketed drug agents with zero-tolerance for indoor
plant-growing knocking at their member's doors, and to date discovering
only orchids... (I expect to read about it in the Wall Street Journal
gardening column any day now.)
I wonder whether overzealous g-men and women might be interested in just
who cares about the computer underground, suspecting that perhaps they
might have some personal involvement? Perhaps some of us are now or were
once in possession of forbidden knowledge valued by beancounters in excess
of $5000? Hmmm, that backup tape from that job ten years ago containing,
jeez, i forget, secrets of incalculable worth (in one case, people with
questionable smarts took hundreds of man-years [yes, they were all men] and
still didn't get it right...), and that version of troff source I always
wanted to fix... Ohmigod, I was on the PHRACK mailing list, and now I'm on
this one too, and I've been to some of the Hackers' Conferences! Now I
realize this was one of those elaborate sting operations I keep reading
about, and I got sucked in right away, naive little me...
I'm expecting the Secret Service to show up at my door any day now. I
would burn those backup tapes, but that's probably a violation of US Title
18, section whatever, "thinking about intending to try to conceal evidence
of a possible future crime" (and I'm even more afraid of a disk crash).
(Note for the Tomorrow File: A new source of revenue for lawyers: store
your hacker-client's backup tapes, which would then be protected as
privileged communication?)
Thanks a lot, Jim. You're welcome to ask the natural/more serious
follow-on questions...
Mark Seiden, [email protected], 203 329 2722
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
***************************************************************
*** Computer Underground Digest Issue #1.01 / File 2 of 4 ***
***************************************************************
Mark Seiden raises some good points in the previous file. His concerns
cluster around a couple of issues:
1) Is having one's name on a mailing list sufficient to trigger law
enforcement interest and subject the listee to possible harassment?
2) Are there law enforcement agents on this list?
3) Are the moderators part of a sting operation?
Mark's comments, although partly tongue in cheek, indicate the degree to
which over-zealous law-enforcement actions in recent months have had a
"chilling effect" on the free flow of information. Let's take each of
these issues in reverse order.
First, the moderators are not part of a sting, nor are we in any way
connected with, cooperating with, or otherwise involved in enforcement. One
moderator works for a computer firm, the other is an sixties-lefty whose
primary work is as a college professor and researcher of prison culture.
But, Mark is quite correct in his concern for stings. It is *not* paranoia!
Gary Marx, in his book UNDERCOVER: POLICE SURVEILLANCE IN AMERICA,
carefully and convincingly documents the threat of police stings to civil
liberties, their irony in subverting civil rights to protect society, and
the contributions to distrust and openness they create. One reason for the
emergence of this digest is the need many of us feel to raise such issues
at a time when law enforcement seems to be spending as much time
investigating computer users as other forms of crime. The emergence in many
(by now most) federal and state agencies of dedicated "computer crime
units" can too easily lead to the expansion of the definition of "abuse" to
justify the existence of these units. Once units exist, they must
investigate, apprehend and prosecute in order to justify their continued
existence.
Second, we assume from the mailing list that there are at least a few law
enforcement agents on the list. We welcome them, and hope others subscribe
as well. Perhaps they will learn something. Neither moderator is involved
in illicit activity, unless research is considered a crime, and nothing we
distribute will be knowingly illegal, violate copyright, or be knowingly
harmful. The mailing list reflects diverse group. The bulk seems to be
computerists employed in the private sector, followed by academics, and
mixed in with students, journalists, and others. We will send CuD to
anybody who requests it, and we welcome the response of law enforcement
agents in the debates.
Finally, Mark asks if having one's name on a mailing list is sufficient to
mark them for an investigation. Unfortunately, if recent history is any
indication, the answer is *YES*! Mark has already indicated a few examples
of this. The "Red Squads" of the 1960s and 1970s provide a more chilling
example. There is overwhelming evidence, including documents we ourselves
obtained as part of a class action law suit against the Michigan State
Police, to indicate that law enforcement tactics included gathering lists
by monitoring letters to editors opposing the Viet Nam war or the "social
-isms," listed license plates of cars parked near political meetings, and
by numerous other tactics totally anathema in a democratic society. In once
instance, police in East Lansing, Michigan, actually investigated a
political candidate who publicly denounced the war. The information in
these lists, even if unverified, was shared with employers, state agencies,
and other law enforcement agencies. These lists resulted in loss of
employment, promotion, or--in the case of FBI documents we
obtained--harassment in the FBI's COINTELPRO campaign. This included
anonymous letters to parents or employers of people on the list and even
direct physical harassment.
We, in the U.S., seem to have short memories. Especially because of drug
hysteria, we seem to be willing to enact legislation and permit
investigative tactics that would otherwise be unacceptable. When the
target is druggies or racketeers, there is little public outrage. But, now
the tactics seem to be applied to other behaviors as creative agents find
new uses for laws that have not yet been tested in the courts.
In the last issue of CuD, we provided a rationale for the use of handles.
We suggest that if anybody has concern about being on a list they use one.
For e-mailing, we retain only the addresses and not names. Our mailing list
of net addresses is encrypted and inaccessible, but even if it were
obtained, there is insufficient information to be of use to anybody except
e-mail hucksters marketing their warez.
Thanks for raising the issue, Mark.
***************************************************************
*** Computer Underground Digest Issue #1.01 / File 3 of 4 ***
***************************************************************
An article in the AUSTIN-AMERICAN STATESMAN by Kyle Pope is perhaps the
most balanced news story to cover the Legion of Doom indictments and the
related confiscation of equipment at Steve Jackson Games in Austin. We had
intended to reprint the entire article. However, when we called the
AUSTIN-AMERICAN STATESMAN (are there no "stateswomen," or is the A-AS still
a bastion of macho sexist swinery?), we were informed that on no account
would they allow the article to be distributed over the nets. When we asked
how much of the article they would allow us to extract, they told us that
we could excerpt *NONE* of it. Not even a single line? "None of it!" Well,
perhaps the A-AS has contracts with other news services who sell
computerized versions of the story, but "None of it?" C'mon! "Fair use
doctrine" allows reasonable reproduction of a copyright article, and after
consulting with an attorney, we reproduce well under the accepted norm.
So, we can only assume that the A-AS, while to be commended on a fair
summary of events, as some very uptight anal-retentive types in the
managing editor's office who confuse company policy with Constitutional
protections! The following is drawn from a variety of sources, but all
quotes come from: "U.S. Computer Investigation Targets Austinites" by Kyle
Pope (%cr% Austin-American Statesman, March 17, 1990: Pp A-1, A-12).
The article summarizes the background of the Legion of Doom indictments
(see CuD, 1.00, files 4, 5). In the continuing investigation, federal
agents and Austin police appeared at the home of a Steve Jackson Employee,
greeting him with guns drawn at 6:30 a.m. They confiscated his equipment,
and also took a number of books and other documents, including the M.A.
thesis of CuD co-moderator Gordon Meyer. Why this document is considered
worthy of confiscation escapes us, unless academic research is now
considered subversive, and its possession evidence of evidence of criminal
mischief. One of the concerns of federal agents was the Cyberpunk science
fiction work being written at Steve Jackon's. Influenced by science fiction
novel's such as William Gibson's NEUROMANCER and John Brunner's THE
SHOCKWAVE RIDER, Cyberpunk mixes science fiction, computer fantasy, and
alienation in futuristic techno-societies. The A-AS interviewed one writer
who explained the need for realistic detail in the genre:
Bruce Sterling, an Austin science fiction writer and one
of the world's best-known Cyberpunk writers, said
Jackson's game and its computer-related discussions are
hardly unusual for the genre.
"Cyberpunk is thriller fiction," Sterling said. "It deals
to a great extent with the romance of crime in the same
way that mysteries or techno-thrillers do."
He said the detailed discussions in the Jackson games are
what draws people to them.
"That's the charm of simulation games," he said. "You're
simulating something that's supposed to be accurate. If
it's cooked up out of thin air, the people who play these
games are going to lose interest."
Jackson, though, said he has been told by Secret Service
agents that they view the game as a user's guide to
computer mischief.
He said they made the comments when he went to the
agency's Austin office in an unsuccessful attempt to
reclaim some of his seized equipment.
"As they were reading over it, they kept making outraged
comments," Jackson said. "When they read it, they became
very, very upset.
"I said, 'This is science fiction.' They said, 'No. This
is real.'" (A-AS, p. A-12).
In their zeal to obtain information about reproduction of an E911 training
document from a Georgia telecommunications company, federal agencies
confiscated printers, monitors, CPUs, files, and other equipment from
Jackson because of suspicion that one of his employees, Loyd Blankenship,
had contacts with Legion of Doom:
Jackson's attorney said federal officials have told him
that the 911 information pilfered from Bell South has
surfaced on a computer bulletin board used at Steve
Jackson games. But the information apparently has not
been traced to a user.
Jackson said that neither he nor any of his employees is
a member of the Legion of Doom.
Blankenship, however, did consult with the group in the
course of researching and writing the Cyberpunk game,
Jackson said. Further, the group is listed in the game's
acknowledgments for its aid in providing technical
information used in Cyberpunk (A-AS, p. A-12).
----------------------
These confiscations raise a number of issues. First, it seems that any of
us can have our equipment, and therefore our livelihoods, threatened by any
connection law enforcement officials make between an offense and an alleged
possessor of information.
Second, as of this writing (March 30), to our knowledge none of those being
investigated in this incident has been indicted. Only the equipment has
been arrested. This, to us, suggests the frightening spectre of
confiscation of the equipment of innocent people and disruption of lives.
The A-AS article indicated that the confiscation is having a devastating
impact on the economic fortunes of Steve Jackson Games.
Third, it appears that laws originally intended to fight drugs and
organized crime now are being used to thwart the "dreaded computer
underground." Confiscation of any personal property that creative agents
can claim "good faith" potential relationship to either an offense or to
information about an offense, can be confiscated, including an M.A. thesis
or a draft of a novel in progress. In addition, if, in their search, agents
happen upon a few seeds of marijuana, they can, under federal anti-drug
law, incarcerate the searchee without bail.
Gary Marx has argued that we lose our freedoms not with a sweeping
crackdown, but gradually. Laws originally intended to fight one "menace"
now are being applied to another. This "other" menace is, we argue, largely
a creation of media hysteria, law enforcement ignorance of the nature of
the computer underground, and a complete failure to recognize the need to
balance protection of the public commonweal with protections of civil
liberties.
In a recent government publication (NIJ REPORTS, Jan/Feb '90, pp 2-10), the
authors lump software piracy in the same category as theft of computer
chips, computers, or trade secrets. In this classification, it seems that
stealing a new IBM 486 and giving a copy of Norton Utilities to a friend
are identical! Uploading that pirated copy from New York to a BBS in
Atlanta would, therefore, constitute a federal offense that subjects the
"felon" to the full weight of federal prosecution.
Our point is that, in a rapidly changing techno-world, laws are being used
in a way perhaps appropriate for addressing such predatory crimes as
listed in the FBI's Uniform Crime Reports, but they hardly address the
problems of perceived computer abuse, real or imagined. The use of laws
intended to combat one type of unacceptable behavior, such as racketeering
or drug abuse, hardly seem appropriate to their current use by federal
agents to combat computerists. Disrespect for law begins with its
oppressive misuse, and we suggest that, ultimately, the apparent attempt of
federal agents and prosecutors to define a social menace, and then make
their careers saving the world from it, will subvert the respect for and
rule of law in the long run.
A final note to the A-AS:
It is within an author's legal rights to write a number of DIFFERENT
stories, excerpting different parts of a news article in each, and
ultimately reprint, legally, the entire story. We are not petty enough to
do so, but we find it somewhat ironic that a company whose existence
derives from a free press so arrogantly responses to a legitimate request
to reprint with a categorical statement that *NOTHING* can be reprinted. Is
there something wrong with this picture, or did your managing editor just
have a bad day? We will print a reply if you wish to make one.
Jim Thomas (CuD co-moderator)
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END THIS FILE +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
***************************************************************
*** Computer Underground Digest Issue #1.01 / File 4 of 4 ***
***************************************************************
Several responses have asked why people think that the Legion of Doom has
been accused of ripping off banks. One reason may be that there is a loss
of a sense of the "absurd" in contemporary society. Satire, irony, and
subtlety have been replaced by a sense of the literal, and with this loss
comes a tendency to accept literature at face value. In a November, 1989,
issue of PHRACK, an article appeared that was intended as satire. This
intent was clear in the issues introductory file and in the text of this
file. For those who have wondered what the articled was about, we reprint
it here.
-------------------------------------------------------------
==Phrack Inc.==
Volume Three, Issue 29, File #7 of 12
The Legion of Doom!
EFT Division
Presents
HOW WE GOT RICH THROUGH ELECTRONIC FUND TRANSFERS
(OR: GEE! NO, GTE!)
A certain number of financial institutions that reside within the
packet-switched confines of the various X.25 networks use their connections to
transfer funds from one account to another, one mutual fund to another, one
stock to another, one bank to another, etc... It is conceivable that if one
could intercept these transactions and divert them into another account, they
would be transferred (and could be withdrawn) before the computer error was
noticed. Thus, with greed in our hearts, an associate and I set forth to test
this theory and conquer the international banking world.
We chose CitiCorp as our victim. This multinational had two address
prefixes of its own on Telenet (223 & 224). Starting with those two prefixes,
my associate and I began to sequentially try every possible address. We
continued through 1000 in increments of one, then A-Z, then 1000-10000 by 10's
and finally 10000-99999 by 100's. Needless to say, many addresses were
probably skipped over in our haste to find valid ones, but many we passed over
were most likely duplicate terminals that we had already encountered.
For the next few days my associate and I went over the addresses we had
found, comparing and exchanging information, and going back to the addresses
that had shown 'NOT OPERATING,' 'REMOTE PROCEDURE ERROR,' and 'REJECTING.' We
had discovered many of the same types of systems, mostly VAX/VMS's and Primes.
We managed to get into eight of the VAXen and then went forth on the CitiCorp
DECNET, discovering many more. We entered several GS1 gateways and Decservers
and found that there were also links leading to systems belonging to other
financial institutions such as Dai-Ichi Kangyo Bank New York and Chase
Manhattan. We also found hundreds of addresses to TWX machines and many
in-house bank terminals (most of which were 'BUSY' during banking hours, and
'NOT OPERATING' during off hours). In fact, the only way we knew that these
were bank terminals was that an operator happened to be idle just as I
connected with her terminal (almost like the Whoopie Goldberg movie, "Jumpin'
Jack Flash," not quite as glamorous ...yet.)
Many of the computers we eventually did penetrate kept alluding to the
electronic fund transfer in scripts, files, and personal mail. One of the
TOPS-20 machines we found even had an account EFTMKTG.EFT, (password EFTEFT)!
All the traces pointed to a terminal (or series of terminals) that did nothing
but transfer funds. We decided that this was the case and decided to
concentrate our efforts on addresses that allowed us to CONNECT periodically
but did not respond. After another week of concentrated effort, we managed to
sort through these. Many were just terminals that had been down or
malfunctioning, but there were five left that we still had no idea of their
function. My associate said that we might be able to monitor data
transmissions on the addresses if we could get into the debug port. With this
idea in mind, we set out trying sub-addresses from .00 to .99 on the mystery
addresses. Four of the five had their debug ports at the default location
(.99). The fifth was located 23 away from the default. That intrigued us, so
we put the others aside and concentrated on the fifth. Although its location
was moved, a default password was still intact, and we entered surreptitiously
The system was menu driven with several options available. One option,
Administrative Functions, put us into a UNIX shell with root privilege. After
an hour or so of nosing around, we found a directory that held the Telenet
Debug Tools package (which I had previously thought existed solely for Prime
computers). Using TDT, we were able to divert all data (incoming and outgoing
into a file so we could later read and analyze it. We named the file ".trans"
and placed it in a directory named ".. ", (dot, dot, space, space) so it woul
remain hidden. This was accomplished fairly late on a Sunday night. After
logging off, we opened a case of Coors Light and spent the rest of the night
(and part of the morning!) theorizing about what we might see tomorrow night
(and getting rather drunk).
At approximately 9:00 p.m. the following evening, we met again and logged
onto the system to view the capture file, hoping to find something useful. We
didn't have to look very far! The first transmission was just what we had bee
dreaming about all along. The computer we were monitoring initiated by
connecting with a similar computer at another institution, waited for a
particular control sequence to be sent, and then transferred a long sequence o
numbers and letters. We captured about 170 different transactions on the firs
day and several hundred more in the following week. After one business week,
we removed the file and directory, killed the TDT routine, and went through th
system removing all traces that we had been there.
We felt that we had enough to start piecing together what it all meant, s
we uploaded our findings to the LOD HP-3000 (ARMA) in Turkey. This way we
could both have access to the data, but keep it off our home systems. We
didn't bother to tell any of the other LOD members about our doings, as most
had retired, been busted, or were suspected of turning information over to the
Secret Service. Using this as a base, we analyzed the findings, sorted them,
looked for strings being sent, etc.
We came to the conclusion that the transmissions were being sent in the
following way:
XXXXXXXXXXXXTCxxxxxxxxxxxx/NNNNNNNNNNNNCnnnnnnnnnnnnAMzzzzzzz.zzOP#
X=Originating Bank ID
T=Transfer (Also could be R(ecieve), I(nquire))
C=Type of account (Checking--Also S(avings) I(RA) M(oney Market)
T(rust) W(Other wire transfer ie. Credit Transfer, etc.))
x=Originating Account Number
/=Slash to divide string
N=Destination Bank ID
C=Type of account (See above)
n=Destination Account Number
AMzzzzzzz.zz=Amount followed by dollar and cents amount
OP#=operator number supervising transaction
After this string of information was sent, the destination bank would the
echo back the transaction and, in ten seconds, unless a CONTROL-X was sent,
would send "TRANSACTION COMPLETED" followed by the Destination Bank ID.
We now needed to check out our theory about the Bank ID's, which I figure
were the Federal Reserve number for the Bank. Every bank in America that deal
with the Federal Reserve System has such a number assigned to it (as do severa
European Banks). I called up CitiBank and inquired about their Federal Reserv
Number. It was the number being sent by the computer. With this information,
we were ready to start.
I consulted an accountant friend of mine for information on Swiss or
Bahamanian bank accounts. He laughed and said that a $50,000 initial deposit
was required to get a numbered account at most major Swiss banks. I told him
to obtain the forms necessary to start the ball rolling and I'd wire the money
over to the bank as soon as I was told my account number. This shook him up
considerably, but he knew me well enough not to ask for details. He did,
however, remind me of his $1000 consulting fee. A few days later he showed up
at my townhouse with an account number, several transaction slips and
paperwork. Knowing that I was up to something shady, he had used one of his
own false identities to set up the account. He also raised his "fee" to $6500
(which was, amazingly enough, the amount he owed on his wife's BMW).
My associate and I then flew to Oklahoma City to visit the hall of record
to get new birth certificates. With these, we obtained new State ID's and
Social Security Numbers. The next step was to set up bank accounts of our own
My associate took off to Houston and I went to Dallas. We each opened new
commercial accounts at three different banks as LOD Inc. with $1000 cash.
Early the next day, armed with one Swiss and six American accounts, we
began our attack. We rigged the CitiCorp computer to direct all of its data
flow to a local Telenet node, high up in the hunt series. Amazingly, it still
allowed for connections from non-909/910 nodes. We took turns sitting on the
node, collecting the transmissions and returning the correct acknowledgments.
By 12:30 we had $184,300 in electronic funds in "Limbo." Next we turned off
the data "forwarding" on the CitiCorp computer and took control of the host
computer itself through the debug port to distribute the funds. Using its dat
lines, we sent all the transactions, altering the intended bank destinations,
to our Swiss account.
After I got the confirmation from the Swiss bank I immediately filled out
six withdrawal forms and faxed them to the New York branch of the Swiss bank
along with instructions on where the funds should be distributed. I told the
bank to send $7333 to each of our six accounts (this amount being small enough
not to set off Federal alarms). I did this for three consecutive days, leavin
our Swiss account with $52,000. I signed a final withdrawal slip and gave it
to my accountant friend.
Over the next week we withdrew the $22,000 from each of our Dallas and
Houston banks in lots of $5000 per day, leaving $1000 in each account when we
were through. We were now $66,000 apiece richer.
It will be interesting to see how the CitiCorp Internal Fraud Auditors an
the Treasury Department sort this out. There are no traces of the diversion,
it just seems to have happened. CitiBank has printed proof that the funds wer
sent to the correct banks, and the correct banks acknowledgment on the same
printout. The correct destination banks, however, have no record of the
transaction. There is record of CitiBank sending funds to our Swiss account,
but only the Swiss have those records. Since we were controlling the host whe
the transactions were sent, there were no printouts on the sending side. Sinc
we were not actually at a terminal connected to one of their line printers, no
one should figure out to start contacting Swiss banks, and since CitiBank does
this sort of thing daily with large European banks, they will be all twisted
and confused by the time they find ours. Should they even get to our bank,
they will then have to start the long and tedious process of extracting
information from the Swiss. Then if they get the Swiss to cooperate, they wil
have a dead-end with the account, since it was set up under the guise of a
non-entity. The accounts in Dallas and Houston were also in fake names with
fake Social Security Numbers; we even changed our appearances and handwriting
styles at each bank.
I'm glad I'm not the one who will have the job of tracking me down, or
even trying to muster up proof of what happened. Now we won't have to worry
about disposable income for awhile. I can finish college without working and
still live in relative luxury. It's kind of weird having over six-hundred $10
bills in a drawer, though. Too bad we can't earn any interest on it!
** Since the events described transpired, CitiBank has made their Banking
Transaction Ports all refuse collect connections. Even by connecting
with an NUI they now respond "<<ENTER PASSWORD>>". C'est La Vie.
>--------=====END=====--------<
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
+ END OF CuD #1.01 +
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
!
|
|
