|
Affidavit of FBI agent against Baker, soc.culture.
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Computer underground Digest Wed Feb 22, 1995 Volume 7 : Issue 15
ISSN 1004-042X
Editors: Jim Thomas and Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Retiring Shadow Archivist: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Copy Ediotr: Ettie-Ann Shrdlu
CONTENTS, #7.15 (Wed, Feb 22, 1995)
File 1--Affidavit of FBI agent against Baker
File 2--soc.culture.usa, et al.-Re: Censorship at U of Michigan (fwd)
File 3--Baker chronology
File 4--Text of 18 USC 41 Sect. 875c (of Baker Indictment)
File 5--HACK - WELL/Mitnick FAQ (fwd)
File 6--Re: Banished CPU BBS - commentary
File 7--Cu Digest Header Info (unchanged since 18 Feb, 1995)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
----------------------------------------------------------------------
Date: Tue, 14 Feb 1995 23:59:18 -0600 (CST)
From: David Smith <[email protected]>
Subject: File 1--Affidavit of FBI agent against Baker
((MODERATORS' NOTE: The Jake Baker case raises sticky issues of
First Amendment protections, creative applications of old laws to
new scenarios, and maintaining decency in cyberspace.
The underlying issues extend beyond obscenity and free speech,
and a future issue will attempt to address the complexity of
what's at stake. The following posts provide the background for
the case)).
==============================================
United States Attorney
Easten District of Michigan
211 W. Fort Street
Suite 2300
Detroit, MI 48221-3211
February 9, l995
CONTACT: (313) 226-9509
United states Attorney Saul A. Green announced that Jake A.
Baker, Alan known aa Abraham Jacob Alkhabaz, an undergraduate
student at the University of Michigan in Ann Arbor, was charged
today in a federal criminal complaint With transmitting a threat
to injure "Jane Doe, a student at the University of Michigan.
Baker was arrested on the complaint in Ann Arbor at approximately
1:00 p.m. and subsequently transported to the federal courthouse
in Detroit for an initial appearance.
Mr. Green stated that the criminal charge is based upon a
series of transmissions Mr. Baker made on the Internet computer
network. on approximately January 19, 1995, the University of
Michigan Department of Public Sarety became aware that Baker had
transmitted communications on the Internet describing violent sex
acts against women, and that at least one transmission identified
Jane Doe as the specific victim of sexual torture and murder. A
series of subsequent transmissions between Baker and others on
the Internet system discussed plans for the abduction, torture,
and murder of women.
Mr. Green explained that Mr. Baker's transmissions on the
Internet gave rise to a charge under 18 U.S.C. s 875©, which
criminalizes the transmission in interstate or foreign commerce
of a communication "containing any threat to kidnap any person or
any threat to injure the person of another." Mr. Green further
emphasized that the criminal complaint against Baker is merely a
charging document, and that Baker is presumed innocent of the
charge. The investigation, which is being handled by the Federal
Bureau of Investigation, is still in progress,
AFFIDAVIT
Greg Stejskal, being first duly sworn, states:
1. I am a Special Agent with the Federal Bureau of
Investigation, and have been so employed for the past 19 years.
be following is known to me to be true through personal interviews
and investigation.
2 . Abraham Jacob Alkhabaz, also known as Jake Baker , is an
undergraduate student at the University of Michigan (UM) in Ann
Arbor, Michigan. Baker has access to computers and has been
assigned a unique name (password/identifier) by the university.
Baker has, via his computer, access to a computer network commonly
referred to as "Internet." Internet is a world-wide information
network used in interstate and foreign commerce. Accordingly,
Material transmitted into Internet is communicated and distributed
in interstate and foreign commerce.
3. On or about January 19, 1995, University of Michigan
Department of Public Safety (UMDPS) becamee aware of certain
activities of Jake Baker, i.e., the transmission into Internet of
"stories" graphically depicting violent acts against women.
Further, UMDPS learned that at least one of these transmissions
named a female student at US as the specific target/victim. The
name of the female student is known to me, but will be identified
in this affidavit only as "Jane Doe."
4. On January 20, 1995, Baker was contacted by UMDPS officers
regarding the Internet transmissions. After being advised of and
waiving his Miranda rights, Baker admitted writing and "posting"
(transmitting) several depictions into the Internet computer
network. these transmissions were placed in a "compartment" of the
system labelled "alt. sex stories (a.s.s.)"
5. The transmissions distributed by Baker through Internet
described Baker's desire to commit acts of abduction, bondage,
torture, mutilation, sodomy, rape and murder of young women. The
depictions of these criminal acts are extremely graphic and
detailed.
6. In a preface to one of the transmissions, with an
unidentified victim, Baker writes, "Torture is foreplay, rape is
romance, snuff is climax."
7. one of the depictions transmitted by Baker into Internet
Involved UM Co-eds Jane Doe, who Baker identified by her true name,
Using her last name as the title of the "story." In a portion of
Baker's expressed desire to injure Jane Doe, Baker states:
Then, Jerry and I tie her by her long brown
hair to the ceiling fan, so that she's
dangling in mid-air. Her feet don't touch the
ground, She kicks trying to hit me, Jerry or
the gorund (sic). The sight of her wiggling
an mid-air, hands rudely taped behind her
back, turns me on. Jerry takes a big spiky
hair-brush and start beating her small breasts
with it, coloring them with nice red marks.
She screams and struggles harder. I've
separated her legs with a spreader-bar; now I
stretch out her pussy lips and super-glue them
wide open. Then I take a heavy clamp, and
tighten it coer her alit. once it's tight
enough, I let go.
Thus transmission and other similar transmissions may have been
posted previously, but were posted or reposted on or about January
1, 1995.
8. Baker knew Jane Doe as a class-mate from a Japanese class
at UM in the Fall of 1994. Jane Doe is aware of Baker's
transmission concerning her and ir frightened and intimidated by
it.
9. In late January l995, Baker signed various consent forms
giving permission to the UMDPS to search and/or access his room,
personal papers and computer files. This included the use of
Baker's unique password, which provided access to Baker's
electronic mail (e-mail). The hearth of the assail produced
numerous messages between Baker and an individual identifying
himself as Arthur Gronda supposedly residineding in Ontario, Canada.
In these messages sent and received via Internet, Baker and Gronda
discuss means of torture and acts of actual serial killers that had
been reported in the media. Further, Baker and Gronda discuss
actually getting together to commit the acts Baker had previously
depicted and transmitted. The following is an excerpt from a
message sent by Baker to Gonda on or about December 9, l994:
I just picked up Bllod (sic) Lust and have
started to read it. I'll look for "Final
Truth" tomorrow (payday). One of the things
I've started doing is going back and re-
reading earlier messages of yours. Each time
I do, they turn me on more and more. I can't
wait to see you in person. I've been trying
to think of secluded spots, but my area
knowledge of Ann Arbor is mostly limited to
the campus. I don't want any blood in my
room, though I have come upon an excellent
method to abduct a bitch ---
As I said before, my toom is right across from
the girl's bathroom. Wiat (sic) until late at
night, grab her when she goes to unlock the
door. Knock her unconscious and put her into
one of those portable lockers (forgot the word
for it), or even a duffle bag. Then hurry her
out to the car and take her away . . . what do
you think?
On or about December 10, 1994, the following response was sent via
lnternet to Baker by Gonda:
Hi Jake. I have been out tonight and I can
tell you that I am thinking more and more
about "doing" a girl. I can picture it so
well . . . and I can think of no better use
for their flesh. I HAVE to make a bitch
suffer!
10. Based on the aforementioned facts, there is probable
cause to believe that Abraham Jacob Alkhabaz, also known as Jake
Baker, knowingly transmitted a threat to injure the person of
another in interstate and foreign commerce in violation of Title
18, United States Code, Section 875©.
__________________________
Greg Stetskal, Special Agent
Federal Bureau of Investigation
Subscribed and sworn to before
me this 9th day of February, l995.
_____________________________________
Hon. Thomas A. Carlson
United States Magistrate Judge
- - -
ANDREW S. BRENNER, Esq
[email protected]
[email protected]
http://www.interaccess.com/users/abrenner
finger [email protected] for PGP public key
------------------------------
Date: Sat, 18 Feb 1995 21:44:04 -0600 (CST)
From: David Smith <[email protected]>
Subject: File 2--soc.culture.usa, et al.-Re: Censorship at U of Michigan (fwd)
----- Forwarded message ------
From: [email protected] (Peter Swanson)
Subject-- Re: Censorship at U of Michigan
Date: 16 Feb 1995 05:29:11 GMT
MORE INFORMATION ON THE JAKE BAKER CASE
I have several days worth of newspapers here; I will try to briefly
summarize the new information contained in the accounts
[DPS == Department of Public Safety (University Police)]
[SSRR == Statement of Student Rights and Responsibilities]
Sequence of Events (Jonathan Berndt/Michigan Daily)
December and January: Baker transmits e-mail messages to a man
in Ontario describing the kidnapping, rape, and murder of a woman.
1/9/95 The story in question posted to alt.sex.stories
1/19/95 A 16 year old girl in Moscow reads the story, then tells
her father, who tells a Michigan alumnus, who notifies the University.
1/20/95 DPS officers contact Baker. Baker waives his Miranda rights
and admits to writing and posting the stories. DPS officers search
Baker's room and account with permission, finding an unpublished story
and the e-mail conversations.
2/2/95 University President Duderstadt suspends Baker.
2/9/95 FBI arrests Baker on basis of stories and e-mail. Bail is denied.
2/10/95 After a detention hearing, Baker is again denied bail. A defense
appeal for bail bond is denied. Pre-trial motions scheduled for 2/17/95.
The Media free-for-all (Patience Atkin/Michigan Daily)
Detroit Free Press: "Debate between free speech and whether it's a
threat for the woman's safety." --Maryanne George
WDIV-4 TV Detroit: "It also goes to the issue of what constitutes
free speech and what constitutes unreasonable threats." --Paul Manzella
"People who make threats in society are always a concern to people
who don't make threats." --Manzella
Spin: "fantasy" --Detroit Free Press
"sexually violent fiction" --New York Times
"cyber-threats" --USA Today
Baker judged 'too dangerous' to be released (Josh White/Michigan Daily)
...Baker's attorney, Douglas Mullkoff, said the detention of his
client is unwarranted.
"The court is presuming that he is guilty," Mullkoff said. "I
respectfully disagree with every word the judge said. Mr. Baker
was writing fiction in a fiction area of the Internet."
During Baker's appeal hearing Friday afternoon, Mullkoff drew a
similar picture. "We have a fantasy writer's workshop going on
here," he said. "That is the Internet."
...U.S. Attorney Ken Chadwell entered six documents into evidence
as part of the case against Baker. Three of the documents were
stories that Baker had posted on the Internet, two were batches
of e-mail messages to and from Gonda, and one, a previously
unreleased document, was an incomplete story that DPS officers
discovered in Baker's East Quad dorm room.
FBI Special Agent Greg Stejskal, the only witness to testify
at the Friday hearings, said the incomplete story named the same
female University student and posed a further threat to her safety.
"The story involves Mr. Baker abducting the female student and
taking her to a secluded place off of Route 23 in Ann Arbor.,"
Stejskal said. "He tells her to disrobe, to take a toolbox
from his car and then uses the tools to torture her."
Baker, in his unfinished story, describes the abduction in detail.
"I plan it well," Baker wrote. "It will be my first kidnapping;
my first real rape of a pretty young girl. My first experimentation
with all the devices of pain I had thought up before. I obsessed
about my target more than any other girl on campus."
Baker's mother, Vilma Baker, said she was shocked after watching
her son handcuffed and taken out of the courtroom by U.S. Marshals.
"The judge must have woken up this morning and thought he
was a psychiatrist," said Mrs. Baker, a creative writing teacher
in Ohio. "While his writing is alarming and I don't particularly
like my son's genre; then again I don't like Stephen King or
sitcoms. It was just fantasy."
But Chadwell said Baker's stories went beyond being creative.
..."There is a natural progression in these cases," Chadwell
said. "He was actually talking about taking action in things he
could do to women. He writes in a message to Gonda that 'just
thinking about it anymore doesn't do the trick. I need to DO IT.'"
...The letters themselves sent mixed messages. "Sometimes, I'll
see a pretty one out in the quad and think 'Go on Jake, it'd be
easy.' But the fear of getting caught always stays my hand,"
Baker wrote to Gonda on Dec. 9.
"Sorry, can't come up with an ending to that Asian story yet.
I will soon though, hang in there."
Prosecutors push Baker indictment (Josh White/Michigan Daily) (summary)
U.S. Attorney Ken Chadwell is pushing for an early indictment
of Baker. A probable cause hearing is scheduled for Friday.
Defense attorney Douglas Mullkoff is appealing the no-bond
ruling in the 6th U.S. circuit court in Cincinatti. He expects
the appeal (for bail) to be approved, but the next step may be
the U.S. Supreme Court.
The Ontario Provincial Police deny having been notified of the
case and are not, in fact, looking for Arthur Gonda.
'U' had Baker e-mail before suspension, officials confirm
(Cathy Boguslaski, Ronnie Glassberg/Michigan Daily)(summary)
The President suspended Baker with the knowledge of Baker's
e-mail. Before suspending him, Assistant General Counsel
Daniel Sharphorn and Director of Housing Public Affairs
Alan Levy asked Baker to withdraw from the University.
Vince Keenan, chair of the Michigan Student Assembly
Students' Rights Commission, said that Baker would be
difficult to charge under the SSRR, and that he suspected
that the President summarily suspended him because he
knew that the SSRR charges wouldn't stick.
Woman named in stories declines to make comment (Josh White/Michigan Daily)
After repeated press contacts, Jane Doe has requested that the
press stop pestering her.
ACLU: Baker's free speech rights violated (Josh White/Michigan Daily)
..."This case definitely has First Amendment ramifications," said
Howard Simon, executive director of the Michigan ACLU. "His
stories may have been disgusting and vile, but I have seen nothing
that would appear to be a threat to any person.
"If Mr. Baker had sent a letter to the woman he named in his
story, or had he slipped something under her door or e-mailed
her a threatening message, the there may have been something, but
it would be a civil suit brought by the woman.
"The germane issue is: Is the FBI going to dictate what
the First Amendment is going to look like in cyberspace? Will
people be prosecuted for putting pornography and disgusting
stories on the Internet in places set aside for them? It is
not the FBI's place to be writing the First Amendment over again."...
An editorial letter in the Daily reports that Baker put a disclaimer
and warning about the content of his story at the top of his post.
Several news sources, including the Daily, Free Press, and local
TV stations, have done background checks on Baker, but nothing
ominous has surfaced and the accounts seem to be hearsay anyway.
High school friends, etc., told a great deal of personal information
about Mr. Baker, but nothing I would consider worth the trouble
of retyping.
I will be disconnected from the net for about a week, so I will be
unable to report the status of the Friday probable cause hearing,
the bail appeal to the circuit court, or the results of the grand
jury investigation. Again, others are welcome to follow up on these
stories.
If someone has the story in question, I am interested in obtaining
it and making it available on a WWW site. I would prefer that all
references to the woman's name be changed to Jane Doe, so that no one
comes asking me for her name. I would certainly do it myself before
making it publicly available.
------------------------------
Date: Wed, 15 Feb 1995 00:08:08 -0600 (CST)
From: David Smith <[email protected]>
Subject: File 3--Baker chronology
This is a document from Mike Dyer's Netzine web page --
http://www.ionet.net/~mdyer/netwatch.html. There are several other
interesting, indepth articles on the legal and ethical aspects of
cyberspace. Recommended hotlist addition.
This is the best summary I've seen to date. The web page also lists
several other supporting documents.
thanks, | "The most exciting breakthroughs of the 21st century
| will not occur because of technology but because
David Smith | of an expanding concept of what it means to be human."
[email protected] | -- John Naisbitt / Patricia Aburdene
---------- Forwarded message ----------
LAST UPDATED 2/14/95
_________________________________________________________________
Only Make Believe
Jake Baker (pictured) has the attention of a great many people. The 20
year old University of Michigan student has caused an firestorm of
controversy over a fictional story he published in a Usenet newsgroup
that now has polarized two camps. On the one side are the advocates of
virtually unlimited 1st Amendment Free Speech rights, and on the
other, a host of womens groups and others concerned that the founding
fathers never intended their handiwork to go this far. Piecing
together bits and pieces from various news and information, here is
the latest I have been able to unravel:
_________________________________________________________________
BACKGROUND
Baker, 20, a Linguistics Major of Boardman, Ohio, who last year
changed his name from Abraham Jacob Alkhabaz, posted three "stories"
in the Newsgroup Alt.Sex.Stories. In one of the fictional stories,
Baker, who used his real name and that of a girl who had been a
classmate in a Japanese language class last fall, described a scenario
where he and another man broke into the girl's apartment, beat,
tortured and sodomized the girl, and then lit a match as he said
goodbye to the girl, presumably to burn the apartment where the girl
was bound and gagged.
Although such stories are not uncommon in the newsgroup, apparently
the use of real names of both the author and others involved is rare.
Baker claims that the motivation for the story was underlying stress
having to do with a student loan. He says he chose that particular
girl because "she was an attractive young woman, and I needed a name
for the story I was writing". He stated that he knew the girl, but he
never spoke to her.
It is not known if Baker used his University password to get the
access to post the story. The school requires students to sign a
statement, before using campus computers, which says, among other
things, "E-mail should not interfere unreasonably with one's
education, or work at the University, nor should they harass or
threaten an individual or group."
_________________________________________________________________
January 9
--A University of Michigan alumnus, living in Moscow, saw the post and
alerted University officials.
February 2
--Baker was escorted from the campus on February 2, and suspended.
February 3
--Baker and his attorney meet with school officials to ask that Baker
be allowed to resume classes and his duties as a projectionist on the
north campus.
February 9
--A hearing is held on the UM campus. At approximately 1:00 p.m.,
prior to the scheduled hearing, Baker is arrested by federal
authorities at the office of his attorney. Baker is taken before a
magistrate, charged with Interstate Transmission of a Threat, in
violation of 18 U.S.C. sec. 875, which carries a maximum prison term
of five years. He is also accused of sending and receiving e-mail
correspondence with an unnamed Canadian man, in which both describe
their desire to kidnap and torture women. Baker is jailed overnight
without bail, even though the prosecutor recommends bond be set.
February 9
--Baker's mother and an Ann Arbor psychiatrist appear at the hearing
on the UM campus. The psychiatrist and Baker's mother both testify
that Jake is not a threat to anyone on campus. The psychiatrist
characterizes the writings as "thoughts", with no plan of action. The
psychiatrist also states that Baker is not delusional. Baker's
attorney states that Baker has no criminal record.
February 10
--U.S. Magistrate Thomas Carolson orders Baker held without bail, in
spite of the prosecutor's request that bond be set at $100,000.
Magistrate Judge Carolson stated that the posts were "more than just a
story" and quoted the messages to the unnamed Ontario man as stating
"Just thinking about it any more doesn't do the trick. I need to do
it." The magistrate further noted that the correspondence involved
where and how to carry out such an assault. A court affidavit of an
FBI agent states that the messages between Baker and the Canadian man
"described Baker's desire to commit acts of abduction, bondage,
torture, mutilation, sodomy rape and murder of young women. Baker's
mother, a high school English teacher, said after the UM campus
hearing that her son chose the name from 200 names in a class, and
picked the one he did simply because the woman's last name "is a
sexual pun." Baker's defense attorney announces that he will appeal
the denial of bail.
February 10
--A U.S. District Judge, having read the e-mail correspondence between
Baker and the Canadian man, upheld the ruling of the Magistrate Judge
to hold Baker for trial without bail. Saying "I wouldn't want my
daughter to be on the streets of Ann Arbor or Ohio with him in the
condition I believe he is in at this time", Judge Bernard Friedman
said that he was convinced that the female subject of Baker's story,
whose identity Judge Friedman ordered kept secret, could not be
protected from Baker unless he was jailed. At the hearing, Baker's
attorney presented findings of a psychiatrist and psychologist, both
of whom had spoken with Baker, who stated that Baker is not dangerous
or mentally ill. The attorney also pointed out that Baker had
cooperated with authorities, giving them his e-mail password as they
searched for evidence.
_________________________________________________________________
*Sidenote:*
Last April, another UM student used a classmate's logon to post
statements from an Organization for the Execution of Minorities, which
threatened blacks, and criticized Latinos, Jews and gays.
------------------------------
Date: Wed, 15 Feb 1995 00:09:13 -0600 (CST)
From: David Smith <[email protected]>
Subject: File 4--Text of 18 USC 41 Sect. 875c (of Baker Indictment)
UNITED STATES CODE ANNOTATED
TITLE 18. CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES
CHAPTER 41--EXTORTION AND THREATS
s 875. Interstate communications
(a) Whoever transmits in interstate or foreign commerce any
communication containing any demand or request for a ransom or
reward for the release of an kidnapped person, shall be fined
under this title or imprisoned not more than twenty years, or
both.
(b) Whoever, with intent to extort from any person, firm,
association, or corporation, any money or other thing of value,
transmits in interstate or foreign commerce any communication
containing any threat to kidnap any person or any threat to
injure the person of another, shall be fined under this titl or
imprisoned not more than twenty years, or both.
© Whoever transmits in interstate or foreign commerce any
communication containing any threat to kidnap any person or any
threat to injure the person of another, shall be fined under
this title or imprisoned not more than five years, or both.
(d) Whoever, with intent to extort from any person, firm,
association, or corporation, any money or other thing of value,
transmits in interstate or foreign commerce any communication
containing any threat to injure the proper or reputation of the
addressee or of another or the reputation of a deceased person
or any threat to accuse the addressee or any other person of a
crime, shall be fined under this title or imprisoned not more
than two years, or both.
------------------------------
Date: Sat, 18 Feb 1995 21:28:20 -0600 (CST)
From: David Smith <[email protected]>
Subject: File 5--HACK - WELL/Mitnick FAQ (fwd)
---------- Forwarded message ----------
[mod's note: Kevin Mitnick's arrest was connected with the
investigation of intrusions on the WELL, a conferencing system in
Sausalito, California. The WELL has issued a press statement in the
form of a FAQ]:
The WELL : FAQ (Frequently Asked Questions) Sheet for Press
Q. When did The WELL first become aware of the unauthorized activity
on its system?
A. Friday, January 27th.
Q. How did you discover it?
A. A routine system check.
Q. What actions did the WELL take to help track the suspect?
A. Our technical staff began monitoring and analyzing the situation
over that weekend. By Monday, we had contacted Computer Emergency
Response Team (CERT), The FBI, Sun's Security Team, Tsutomo Shimomura
of San Diego Supercomputer Center, the Board of Directors of The
WELL, representatives of The WELL community and EFF to discuss our
appropriate response. We also contacted other Internet service sites
who we believed were compromised. Our main objective was to
understand risks, options, and factors affecting our system security
and Net-wide responsibilities.
After discussing the situation with the above groups, and carefully
considering our options and responsibilities, we made the decision to
contact the U.S. Attorney's Office and to cooperate with Tsutomo
Shimomura in apprehending the intruder. We did this in an effort to
foster greater security on the global net.
We initiated round-the-clock staffing to monitor the illegal
activity. WELL technical staff were joined by Mr. Shimomura and his
associates to help trace the suspect using sophisticated monitoring
software that he supplied.
At no time was the FBI onsite at The WELL or involved in monitoring
at our site.
Q. What was the chronology of events at The WELL the day leading up
to the arrest of Kevin Mitnick?
A.
Tuesday, February 14, 2:30 pm PST
WELL technical staff, which had been monitoring the activity for
nearly 18 days, notices that the cracker has erased information on
one transaction file on The WELL. The transaction file (there are
dozens of accounting files on The WELL) contained user log-on data,
and was a file which is stored elsewhere and backed up regularly.
WELL decides to bring the system down so we can re-build the damaged
file and do further investigation. WELL staff shuts down WELL
computers.
Tuesday, February 14, 3:00 pm PST
Technical staff positively determines that it is only one accounting
file that has been affected. Approximately three hours after the
incident the damaged file is rebuilt.
Tuesday, February 14, 5:00 pm PST
Shimomura and assistants are contacted, and confirm with The WELL
technology team that the cracker appeared to have made a typing error
when he zeroed the one accounting file. Shimomura reports that they
are hours from catching the suspect.
Tuesday, February 14, 8:30 pm PST
WELL puts system back up. Monitoring continues in full gear.
Tuesday, February 14, 10:30 pm PST
Kevin Mitnick is arrested in Raleigh, North Carolina.
Q. What other sites were affected?
A. In the interest of their privacy, we will not say. We believe
that at least a dozen sites were compromised.
Q. What are The WELL's normal security procedures?
A. The WELL follows normal UNIX and Internet system security
procedures including, but not limited to, implementing changes as
recommended by CERT advisories, security patches as available from
vendors (e.g. SUN, Cisco), regular use of system security diagnostic
software, including "crack" and other appropriate security related
measures. We feel it is inappropriate to enumerate all our security
measures in a public forum.
Q. Did the cracker get WELL members' credit card information or
personal files?
A. To the extent that we are able to determine, no credit card
information was accessed by the intruder.
We monitored nearly every keystroke of the cracker. A total of 11
accounts were compromised by the intruder, and we have contacted all
of the account holders. In general, the cracker was not interested
in information on The WELL itself, but used the WELL for storing
files from other sites.
Q. Wouldn't have changing all members' passwords have secured the
system?
A. Fundamentally, it wouldn't have made any difference. The tools
used by this cracker would not have been defeated by changing
individual passwords. Additionally, we have no information that
would lead us to believe that member's passwords had been cracked or
distributed.
Q. What exactly were you monitoring and who was doing this?
A. We were tracking network transactions, e.g.. ftp, smtp, telnet
etc. to and from systems known and/or suspected by us to have been
compromised. We added additional sites as we learned about this.
Those monitoring our system included The WELL tech staff as well as
Andrew Gross, a consultant from Shimomura's office.
Q. What are you doing to strengthen the security of The WELL?
A. We've purchased a new main server, a Sparc 1000e. We're
re-installing application software from binaries, implementing
one-time (DES) password protection for critical including root
passwords, and requiring every user on the system to select a new
password (adhering to standards that make password cracking more
difficult). We are continuing close liaison with Sun specialists
and other system security specialists and advisors to examine
techniques used by the cracker to gain system access and addressing
these system weaknesses.
The WELL plans to install the new Sparc 1000e on Monday, February
20th.
------------------------------
Date: Mon, 13 Feb 95 07:36:16 EST
From: Frank Tirado <[email protected]>
Subject: File 6--Re: Banished CPU BBS - commentary
CuD is to be commended for presenting articles from all sources,
regardless of how much we may disagree with them. A case in point is
the article by Dan Gannon, forwarded by David Smith.
Freedom of speech is a right of all individuals, even the hate
mongers, the apologists and the revisionists. To curtail their right
to speak out is to risk having our own freedoms curtailed. Contrarian
views are necessary since they provide a yardstick against which we
measure the rightness of our own beliefs. In fact, contrarian views
have often been proved correct; for example Columbus proved the world
was not flat, the Wright brothers proved that heavier than air flight
was possible.
Having said that, however, I must add that my heart bleeds for Mr.
Gannon and the Banished CPU. I believe that he and others of his kind
should be allowed to express their opinions in an open forum if only
so that those opinions can refuted by the historical record. Frankly,
no amount of revisionism can change the facts: Nazi atrocities
happened and Jews were the main victims of Nazi pogroms.
It is no favor to allow Nazi revisionists the full benefit of freedom
of speech. If their actions are overt, they can be watched. If they
express their beliefs in an open forum, they can be refuted.
Ultimately, they will reveal their true nature: bigots and hate
mongers.
Finally, Nazi revisionists serve a very useful function: they keep
present the horrors of the Holocaust and remind us that, if we are not
vigilant, it could easily happen again. To us.
------------------------------
Date: Thu, 23 Oct 1994 22:51:01 CDT
From: CuD Moderators <[email protected]>
Subject: File 7--Cu Digest Header Info (unchanged since 18 Feb, 1995)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send a one-line message: SUB CUDIGEST your name
Send it to [email protected] or [email protected]
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown)
In ITALY: Bits against the Empire BBS: +39-461-980493
In LUXEMBOURG: ComNet BBS: +352-466893
UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/cud/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD
ftp://www.rcac.tdi.co.jp/pub/mirror/CuD
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu:80/~cudigest
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #7.15
************************************
|
|
