|
Articlues 1- 10 of newsletter
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
*******************************************************
** **
** PPPPP I RRRRR AAAAA TTTTT EEEEE **
** P PP I R RR A A T E **
** PPP I RRR AAAAA T EEEEE **
** P I R R A A T E **
** P I R R A A T EEEEE **
**keepin' the dream alive **
*******************************************************
-=> VOLUME 1, ISSUE 5, APRIL, 1990 <=-
(File 1 of 11)
**** WELCOME ****
To the fifth issue of -=* PIRATE *=-!
>> SPECIAL ISSUE ON LEGION OF DOOM BUSTS <<
Special thanks for getting this issue out go to:
Chris Robin
Ellis Dea
Hatchet Molly
Jedi
Jim Richards
Pru Dohn
Several anonymous (by choice) contributors
Sherlock Ohms
The Legion of Doom
Any comments, or if you want to contribute, most of us can
be reached at one of the following boards:
BOOTLEGGER'S >>> PIRATE HOME BOARD
RIPCO (Illinois)
SYCAMORE ELITE (815-895-5573)
EURO-AM CONNECTION (Illinois)
COMPANY OF WOLVES (301-791-1595)
THE ROACH MOTEL (California)
PACIFIC ALLIANCE (818-280-5710)
THE CHIMERAN CONSPIRACY (Minneapolist/St. Paul)
THE LIGHTNING SYSTEM (414-363-4282)
+++++++++++++++++++++++++++++++++++++++++++++++++++++
Dedicated to sharing knowledge, gossip, information, and tips
for warez hobbyists.
** CONTENTS THIS ISSUE **
File 1. Introduction
File 2. Commentary (by Ellis Dea)
File 3. Proscutor Press Release of LoD indictment
File 4. Federal Indictment of LoD bust
File 5. What pheds did to The Mentor
File 6. Pheds Hassle Employers
File 7. Jolnet Story (part 1)
File 8. Jolnet Story (part 2)
File 9. E-Mail Counter suit
File 10. Hackers Strike Back
File 11. Hackers and Phreaks as Postmodernists
------------------------------------------------
** ABOUT THIS ISSUE **
On February 6, 1990, a federal indictment came down in Chicago charging The
Prophet and Knight Lightning (co-editor of PHRACK) with interstate
transportation of stolen property, wire fraud, and violations of the federal
Computer Fraud and Abuse Act of 1986 (See Title 18, United States Code,
Section 1343, and Title 18, United States Code, Section 1030(a)(6)(A).
Although the indictment specifies no hard information other than inuendo and
rather spurious leaps of logic for the charges of attempted fraud and
conspiracy, it does claim that E911 documents (a training manual) was taken
from BellSouth's computer system. The Prophet is charged with obtaining the
documents, and Knight Lightning is charged with receiving them and editing
them for PHRACK. It seems KL's only "crime" is exercising his first amendment
right to freedom of the press, because the indictment indicates that
publishing information intended to sharpen certain types of computer skills
should be considered a federal crime.
In addition to TP and KL, other LoD members have been busted, harrassed, and
have had their equipment, and the equipment of their employers confiscated,
despite reliable information that no evidence of wrong-doing existed!
The Legion of Doom (LoD) busts have implications for every body, even those
who do not use computers. At stake are Constitutional rights of privacy and
first amendment rights of free speech, publishing, and information sharing.
The attempt to purge the world from those nasty computer underground
participants has led to arrests, "investigations," seizure of property for
evidence, and other "crimes" by law enforcement agents against computer owners
and users whether implicated in an offence or not. We find this trend to
frightening that we devote this issue of PIRATE to the Legion of Doom busts
and try to raise some of the issues that we see as important for
**EVERYBODY**!
What action can you take? Be careful not to violate the law, but DON'T BE
AFRAID TO EXPRESS YOUR RIGHTS TO SHARE INFORMATION! The "chilling effect" of
supressing freedom of speech has led some sysops to avoid posting anything
controversial. Even PIRATE has been deleted from some boards because the
sysops are afraid of reprisals by the pheds, which can include confiscation of
equipment and possible loss of income. You can help by uploading news
articles, stories, or any other info to as many boards as possible to spread
information and to let the sysops (and the pheds) know that there are still
people who believe we have a Constitution. Second, you can write your
congressional representatives and others who have made (and continue to make)
laws restricting information flow. Let them know you are concerned about
criminalizing non-harmful behaviors (such as posting PIRATE, PHRACK, or
articles related to the computer underground), and that you find the penalties
and the confiscation of equipment without hearing totally undemocratic.
Finally, talk about this stuff with friends and get your own viewpoint known.
Repression occurs in a vacuum, and we lose our freedoms not by some major
revolution, but slowly, gradually, a bit at a time while nobody is paying
attention.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 2 of 11 ***
*** Commentary (By Ellis Dea) ***
***************************************************
A contributor sent over this opinion by Ellis Dea that was found on an
Illinois BBS. It equates the current witch hunts against the computer
underground with McCarthyism. It says it nicely, so here it is.
----------------
"The Hunt for the CU: The New McCarthyism?"
>> By Ellis Dea<<
I just read a paper that discussed the Post-Modernist ramifications of
"hacking" within the context of criminology %eds' note: This is apparently a
reference to an academic paper called "The Computer Underground as Postmodern
Resistance" that's appeared on a number of boards%. I found it interesting,
especially the earlier parts. This is not to say that the later parts were
uninteresting, but then I already knew much of the material presented therein.
What was new about the first part was the theoretical construct placed upon
the entire CU subculture, a construct I have hinted at perviously, but never
really formulated.
The paper takes an analytical stance, analyzing the phenomenon from a
post-modernist perspective and, I must confess, that these very aspects of the
situation constitute the attractiveness of it. However, the paper tends to
ignore much of the political aspects of the problem. The situation seems to
me not much different from the 1968 convention where the real issue was a
class struggle manifesting itself primarily in the Vietnam war while the media
manipulation was a matter of style (the "Yippies").
Today we are seeing a 90's version McCarthyism involving many of the same
elements including mass-hysteria, misinformation, and self-aggrandizement by
governmental functionnaires. The masses out there are firmly convinced that
any problem with their telephone is a result of "hackers." Police reports of
the arrests of 14 year olds constantly use the phrase "The Legion of Doom is
one of the most dangerous organizations in the country." Obviously, "hackers"
have replaced "communists" as the favorite scapegoat -- a villain we can all
fight and who is relatively harmless. How many of these nefarious "hackers,"
for example, have been found with any sort of weapons in their hands?
It seems also that there is a certain amount of prestige attached to the
apprehension of these "hackers." While no Senator has attained the prominence
of a McCarthy of the 50s, it would certainly be unwise for any of them to take
a position favoring a more realistic criminal code. The political climate and
media competence (or incompetence) is such that attempting to distinguish
between someone who has a genuine interest in computers from someone out to do
damage would be every bit as damaging to ones political and professional
career as it would be to distinguish between the recreational use of cannabis
and the sale of crack or heroin. All is lumped together under the term
"hacker" and anyone who makes distinctions is ultimately in danger of being
considered threats to national security.
The recent 911 affair is symptomatic of this. Reports of it on the media gave
the impression that the entire emergency system hade been damaged or destroyed
and one was left with the impression that people out there with heart attacks
and fending off rapists were left without telephone and, hence, assistance.
Only those who pursued th the documentation for the program that ran parts of
the system had been downloaded without any damage at all to the operation,
present or future, of the system. The only possible damage to the system is
in the embarrassment of those responsible for the security of the system. The
act did prove that the system could be brought to it knees, so to speak, but
if also proved that "hackers" had a much higher code of ethics since the
system was not affected in any way. If anything, the system is now more
secure as a result of the activities of these people and, rather than
castigating them in the press, the establishment should give them a medal of
some sort. The people who left the computer so open to penetration (notice
how C.I.A. language tends to creep in) are the ones who should be prosecuted.
They will not be prosecuted, however, because they were operating within the
system and were hence subject to its code. In other words, they subscribe, at
least openly, to the propaganda currently directed against "hackers."
Furthermore, to allow these public servants who pointed out the weaknesses of
the computer system to escape would be to admit incompetence. The "reasoning"
is that the prosecuted is wrong, they are prosecuted, therefore nothing was
wrong with the computer system. This is the same sort of convoluted reasoning
that is behind so many of the other domestic and foreign policies of our
country and nothing will happen to alter it. It is sobering to realize today
that perhaps the single most important figure against McCarthy, and the one
that made his decline possible, was Edward R. Murrow, a news journalist.
Murrow knew quite a bit about the dangers of fascism and knew how the soviets
were our allies during World War II. I do not see any parallel to him today
as relates to "hacking."
Lest we think that the media, especially the news components thereof, might be
able to inform the public about this, allow me to share with you an example of
how it works. I recently saw a segment on Shakespearian productions that
contained such bits of information as the fact that the dialect spoken in
appalachia today is closer to Shakespeare's than is the dialect spoken today
in England. The announcer then said, "On the serious side, George Bush hung
blue ribbons on the masts of . . . ." The only rational reaction is to tie a
yellow ribbon to your modem.
I will end this with a brief observation. Their are, of course, distinctions
between the "hackers" of today and the "communists" of the 50s --the "hackers"
need not be defenseless. They are not criminals, but our government's
persistance is turning them into criminals.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 3 of 11 ***
*** Federal Press Release of LoD Bust ***
***************************************************
Reprinted below is the press release that accompanied the LoD indictment. The
indictment against The Prophet and Knight Lightning, 13 pages of it, contains
a variety of charges. The most absurd is that LoD was engaged in a conspiracy
to bring down the E911 system in the U.S. It is clear that agents are either
totally ignorant of what the computer underground is all about, or is too
arrogant to care in building their case. It appears they took the satirical
article in PHRACK 24 for a "confession" of some kind. In that article,
anonymous authors describe, humorously, how they got rich from New York's
Citicorp Bank. However, the Secret Service Agent in charge of the case in
Atlanta said that, from his knowledge of the case, he saw no indication that
monetary gain was at issue, and the media seems to ignore such things.
The case is in the jurisdiction of the U.S. District Court, Northern District
of Illinois, Eastern Division (Address: Chicago, IL, 60604). The case name is
U.S. v. RIGGS & NEIDORF, and the Docket number is 90-CR-70. For more
information, call the Assistant United States Attorney in charge of the case,
William J. Cook, at 312-886-7631. The U.S. Attorney in charge in Atlanta is
Kent Alexander (404)-331-6488.
------------------
INFORMATION RELEASE
FROM: U.S. Department of Justice
DATE: February 6, 1990
IRA H. RAPHAELSON, United States Attorney for the Northern District of
Illinois, and PATRICK T. McDONNELL, Special Agent In Charge of the United
States Secret Service in Chicago, today announced the indictment of Robert J.
Riggs, 20, of %address deleted%, and Craig M. Neidorf, 19 %address deleted%,
on charges that between December, 1988 and February, 1989 they entered into a
scheme to steal and publish to other hackers highly proprietary and sensitive
information about the operation of Bell South's Enhanced 911 emergency
communication system. The seven count indictment charges Riggs and Neidorf
with
Interstate Transportation of Stolen Property, Wire Fraud and Violations of the
Computer Fraud and Abuse Act of 1986.
Specifically, the indictment charges that Riggs, also known as "Robert
Johnson" and "The Prophet", stole a copy of Bell South's highly proprietary
and closely held computer program that controlled and maintained the E911
system. Bell South's E911 system controls emergency calls to the police, fire,
ambulance and emergency services in municipalities of the nine state region
served by Bell South; Alabama, Mississippi, Georgia, Tennessee, Kentucky,
Louisiana, North Carolina, South Carolina, and Florida. The indictment
alleges
that in December 1988 Riggs stole the E911 data valued at $79,449.00 by using
a computer outside the telephone company to call into the telephone company
computer in which the computer file was stored. The indictment charges that
Riggs then transferred the E911 data to a computer bulleting board in
Lockport, Illinois from which Neidorf, also known as "Knight Lightning", down
loaded it for publication in a computer hacker publication known as "PHRACK."
The indictment charges that Riggs was a member of a closely knit group of
computer hackers known as the Legion of Doom whose members are involved in
numerous illegal activities including:
*Disrupting telephone service by entering the telephone
companies switches (which are computers) and changing
the routing of telephone calls.
*Stealing computer data from individuals and companies.
*Stealing and modifying individual credit histories.
*Fraudulently obtaining money and property from companies
by altering information in their computers.
*Disseminating information about attacking computers to other
computer hackers in an effort to shift the focus of law
enforcement agencies to those other hackers and away from the
Legion of Doom.
The indictment charges that as part of their fraud scheme Riggs and Neidorf
disclosed the stolen information %reportedly PHRACK #24-eds.% about the
operation of the enhanced 911 system to other computer hackers so that they
could unlawfully access the E911 system and potentially disrupt or halt other
911 service in the United States.
If convicted on all counts of the indictment Riggs faces a maximum possible
prison sentence of 32 years and a maximum possible fine of $222,000.00; and
Neidorf faces a maximum possible prison sentence of 31 years and a maximum
possible fine $122,000.000.
In announcing the return of the indictment, Mr. Raphaelson noted that the
allegations of the indictment have far reaching implications for the health
and welfare of individuals in the United States who rely on their telephones
as a lifeline to the outside world. Mr. Raphaelson stated, "People who invade
our telecommunications and related computer systems for profit or personal
amusement create immediate and serious consequences for the public at large.
No one should be made to suffer loss of life or severe injury as a result of
hackers who have compromised emergency networks. The telecommunications
industry and law enforcement community have become attentive to these crimes
and those who choose to use their intelligence and talent to disrupt these
vital networks will find themselves vigorously prosecuted."
Raphaelson stated that the indictment in Chicago and a companion indictment in
Atlanta are the initial results of a year long investigation by agents of the
United States Secret Service in Chicago, Atlanta, Indianapolis, New York, St.
Louis and Kansas City. Raphaelson further noted that pursuant to Court Orders,
technical and expert assistance was provided to the United States Secret
Service by telecommunication companies including Bell South and its
subsidiaries, Southwestern Bell, NYNEX (New York), and Bellcore. Raphaelson
particularly praised the actions of Bell South for its proactive position in
bringing their intrusion problems to the attention of law enforcement
officials and for its formation of an Intrusion Task Force to analyze and
respond to the intrusions noted in the Chicago and Atlanta indictments.
Assistant United States Attorney William J. Cook, who heads the Computer Fraud
and Abuse Task Force, and Assistant United States Attorney Colleen D. Coughlin
presented the case to the federal grand jury and will be trying the case in
the United States District Court in Chicago.
Members of the public are reminded that the indictment is only a charge and is
not evidence of guilt. The defendants are entitled to a fair trial at which
time it will be the government's burden to prove their guilt beyond a
reasonable doubt.
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 4 of 11 ***
*** The LoD Indictment ***
***************************************************
UNITED STATES DISTRICT COURT NORTHERN
DISTRICT OF ILLINOIS
EASTERN DIVISION
)
UNITED STATES OF AMERICA )
)
v. ) No. ______________________
) Violations: Title 18, United
ROBERT J. RIGGS, also known ) States Code, Sections
as Robert Johnson, also ) 1030(a)(6)(A) and 2314
known as Prophet, and )
CRAIG NEIDORF, also known )
as Knight Lightning )
COUNT ONE
The SPECIAL APRIL 1987 GRAND JURY charges:
PROPERTY INVOLVED
1. At all times relevant herein, enhanced 911 (E911) was the
national computerized telephone service program for handling
emergency calls to the police, fire, ambulance and emergency
services in most municipalities in the United States. Dialing 911
provided the public immediate access to a municipality's Public
Safety Answering Point (PSAP) through the use of computerized all
routing. The E911 system also automatically provided the recipient
of an emergency call with the telephone number and location
identification of the emergency caller.
2. At all times relevant herein, the Bell South Telephone
Company and its subsidiaries ("Bell South") provided telephone
services in the nine state area including Alabama, Mississippi,
Georgia, Tennessee, Kentucky, Lousiana %sic%, North Carolina, South
Carolina and Florida.
3. At all times relevant herein, the E911 system of Bell South
was described in the text of a computerized file program known as
the Bell South Standard Practice 660-225-104SV Control Office
- 1 -
Administration of Enhanced 911 Services for Special and Major
Account Centers date March, 1988 ("E911 Practice"). The E911
Practice was a highly proprietary and closely held computerized
text file belonging to the Bell South Telephone Company and stored
on the company's AIMSX computer in Atlanta, Georgia. The E911
Practice described the computerized control and maintainence %sic%
of the E911 system and carried warning notices that it was not to be
disclosed outside Bell South or any of its subsidiaries except
under written agreement.
COMPUTER HACKERS
4. At all times relevant herein, computer hackers were
individual involved with the unauthorized access of computer
systems by various means.
5. At all times relevant herein, the Legion of Doom (LOD)
was a closely knit group of computer hackers involved in:
a. Disrupting telecommunications by entering
computerized telephone switches and changing the
routing on the circuits of the computerized
switches.
b. Stealing proprietary computer source code and
information from companies and individuals that
owned the code and information.
c. Stealing and modifying credit information on
individuals maintained in credit bureau computers.
- 2 -
d. Fraudulently obtaining money and property from
companies by altering the computerized information
used by the companies.
e. Disseminating information with respect to their
methods of attacking computers to other computer
hackers in an effort to avoid the focus of law
enforcement agencies and telecommunication security
experts.
6. At all times relevant herein ROBERT J. RIGGS, defendant
herein, was a member of the LOD.
7. At all times relevant herein CRAIG NEIDORF, defendant
herein, was a publisher and editor of a computer hacker newletter
%sic% known as "PHRACK."
8. At all times relevant herein, a public access computer
bulletin board system (BBS) was located in Lockport, Illinois which
provided computer storage space and electronic mail services to its
users. The Lockport BBS was also used by computer hackers as a
location for exchanging and developing software tools for computer
intrusion, and for receiving and distributing hacker tutorials and
other information.
E-MAIL
9. At all times relevant herein electronic mail (e-mail) was
a computerized method for sending communications and files between
individual computers on various computer networks. Persons who
sent or received e-mail were identified by an e-mail address,
similar to a postal address. Although a person may have more than
- 3 -
one e-mail address, each e-mail address identified a person
uniquely. The message header of an e-mail message identified both
the sender and recipient of the e-mail message and the date the
was %sic% message sent.
10. Beginning in or about September, 1988, the exact date
begin unknown to the Grand Jury, and continuing until the return
date of this indictment, at Lockport, in the Northern District of
Illinois, Eastern Division, and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
defendants herein, together with others known and unknown to the
Grand Jury, devised and intended to devise and participated in a
scheme and artifice to defraud and to obtain money and other things
of value by means of false and fraudulent pretenses and
representations, well knowing at the time that such pretenses,
representations and promises were false when made.
OBJECT OF FRAUD SCHEME
11. The object of the fraud scheme was to steal the E911
Practice text file from the computers of Bell South Telephone
Company though %sic% the use of false and fraudulent pretenses and
representations and to conceal all indications that the text file
had been stolen; and to thereafter publish the information about
the E911 Practice text file in a hacker publication for
dissemination.
- 4 -
OPERATION OF FRAUD SCHEME
12. It was part of the fraud scheme that the defendant NEIDORF
would and did advise the defendant RIGGS that he had assembled a
group of computer hackers for the purpose of distributing computer
information.
13. It was further part of the scheme that the defendant
RIGGS would and did steal sensitive proprietary Bell South
information files including the E911 Practice text file by gaining
remote unauthorized access to computers of the Bell South Telephone
Company.
14. It was further part of the scheme that the defendant
RIGGS would and did disguise and conceal the theft of the E911
Practice text file from Bell South Telephone Company by removing
all indications of his unauthorized access into Bell South
computers and by using account codes of legitimate Bell South users
to disguise his authorized use of the Bell South computer.
15. It was further part of the scheme that RIGGS would and
did transfer in interstate commerce a stolen E911 Practice text
file from Atlanta, Georgia to Lockport, Illinois through the use
of an interstate computer data network.
16. It was further part of the scheme that defendant RIGGS
would and did store the stolen E911 Practice text file on a
computer bulletin board system in Lockport, Illinois.
17. It was further part of the scheme that defendant NEIDORF,
utilizing a computer at the University of Missouri in Columbia,
Missouri would and did receive a copy of the stolen E911 text file
- 5 -
from defendant RIGGS through the Lockport computer bulletin board
system through the use of an interstate computer data network.
18. It was further part of the scheme that defendant NEIDORF
would and did edit and retype the E911 Practice text file at the
request of the defendant RIGGS in order to conceal the source of
the E911 Practice text file and to prepare it for publication in
a computer hacker newsletter.
19. It was further part of the scheme that defendant NEIDORF
would and did transfer the stolen E911 Practice text file through
the use of an interstate computer bulletin board system
used by defendant RIGGS in Lockport, Illinois.
20. It was further part of the scheme that the defendants
RIGGS and NEIDORF would publish information to other computer
hackers which could be used to gain unauthorized access to
emergency 911 computer systems in the United States and thereby
disrupt or halt 911 service in portions of the United States.
22. It was further a part of the scheme that the defendants
would and did misrepresent, conceal, and hide, and cause to be
misrepresented, concealed and hidden the purposes of ane %sic% the
acts done in furtherance of the fraud scheme, and would and did use
coded language and other means to avoid detection and apprehension
- 6 -
by law enforcement authorities and to otherwise provide security
to the members of the fraud scheme.
23. In or about December, 1988, at Lockport, in the
Northern District of Illinois, Eastern Division, and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet,
defendant herein, for the purpose of executing the aforesaid
scheme, did knowingly transmit and cause to be transmitted by means
of a wire communication in interstate commerce certain signs,
signals and sounds, namely: a data transfer of a E911 Practice
text file from Decatur, Georgia to Lockport, Illinois.
In violation of Title 18, United States Code, Section 1343.
- 7 -
COUNT TWO
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference
the allegations of paragraphs 1 through 22 of Count One of this
Indictment as though fully set forth herein.
2. On or about January 23, 1989, at Lockport, in the
Northern District of Illinois, Eastern Division and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
the defendants herein, for the purposes of executing the aforesaid
scheme did knowingly transmit and cause to be transmitted by means
of a wire communication in interstate commerce certain signs,
signals and sounds, namely: a data transfer of a E911 Practice
text file from Decatur, Georgia to Lockport, Illinois, an edited
and retyped E911 Practice text file from Columbia, Missouri, to
Lockport, Illinois.
In violation of Title 18, United States Code, Section 1343.
- 8 -
COUNT THREE
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference the
allegations of paragraphs 1 through 22 of Count One of this
indictment as though fully set forth herein.
2. In or about December, 1988, at Lockport, in the Northern
District of Illinois, Easter Division, and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
defendants herein, did transport and cause to be transported in
interstate commerce from Decatur, Georgia, to Lockport, Illinois,
a computerized text file with a value of $5,000 or more, namely:
A Bell South Standard Practice (BSP) 660-225-104SV- Control
Office Administration of Enhanced 911 Services for Special
Services and Major Account Centers dated March, 1988; valued
at approximately $79,449.00
the defendants then and there knowing the same to have been stolen,
converted, and taken by fraud;
In violation of Title 18, United States Code, Section 2314.
- 9 -
COUNT FOUR
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference the
allegations of paragraphs 1 through 22 of Count one of this
Indictment as though fully set forth herein.
2. On or about January 23, 1989, at Lockport, in the Northern
District of Illinois, Eastern Division, and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
defendants herein, did transport and cause to be transported in
interstate commerce from Columbia, Missouri, to Lockport, Illinois,
a computerized textfile with a value of $5,000 or more, namely:
An edited Bell South Standard Practice (BSP) 660-225-
104SV- Control Office Administration of Enhanced 911
Services for Special Services and Major Account Centers
dated March, 1988; valued at approximately $79,449.00.
the defendants, then and there knowing the same to have been
stolen, converted, and taken by fraud;
In violation of Title 18, United States Code, Section 2314.
- 10 -
COUNT FIVE
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference
the allegations of paragraphs 1 through 22 of Count One of this
Indictment as though fully set forth herein.
2. On or about December, 1988, at Lockport, in the
Northern District of Illinois, Eastern Division and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
the defendants herein, knowingly and with intent to defraud, trafficked
in information through which a computer may be accessed without
authorization and by such conduct affected interstate commerce;
In violation of Title 18, United States Code, Section
1030(a)(6)(A).
- 11 -
COUNT SIX
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference
the allegations of paragraphs 1 through 22 of Count One of this
Indictment as though fully set forth herein.
2. In or about January, 1989, at Lockport, in the Northern
District of Illinois, Eastern Division and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
the defendants herein, knowingly and with intend to defraud, trafficked
in information through which a computer may be accessed without
authorization and by such conduct affected interstate commerce;
In violation of Title 18, United States Code, Section
1030(a)(6)(A).
- 12 -
COUNT SEVEN
The SPECIAL APRIL 1987 GRAND JURY further charges:
1. The Grand Jury realleges and incorporates by reference the
allegations of paragraphs 1 through 22 of Count One of this
Indictment as though fully set forth herein.
2. In or about February, 1989, at Lockport, in the Northern
District of Illinois, Eastern Division and elsewhere,
ROBERT J. RIGGS, also known
as Robert Johnson, also
known as Prophet, and
CRAIG NEIDORF, also known
as Knight Lightning,
the defendants herein, knowingly and with intent to defraud, trafficked
in information through which a computer may be accessed without
authorization and by such conduct affected interstate commerce;
In violation of Title 18, United States Code, Section
1030(a)(6)(A).
A TRUE BILL:
________________________________
F O R E P E R S O N
________________________________
UNITED STATES ATTORNEY
- 13 -
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 5 of 11 ***
*** Pheds bust The Mentor ***
***************************************************
Apparently, just operating a BBS can rankle the pheds! The Mentor, operator
of one of the best information BBSs around, was busted and charges that remain
obscure. Here's what happened (courtesy of an anonymous contributor):
-----------------
>From: mosley@peyote.cactus.org (Bob Mosley III)
Newsgroups: comp.dcom.telecom
Subject: Austin, TX BBS Shut Down From Joinet Bust Fallout
Message-ID: <[email protected]>
Date: 4 Mar 90 17:22:26 GMT
This hit most BBS's in the Austin area on Thursday. It's believed the bust
came down Wednesday morning. In a nutshell, here's what happened:
Wednesday morning, Feb. 28, the offices of Steve Jackson Games, inc., were
raided by FBI and Secret Service officials. The establishment was shut down,
and all computer systems, including the Illuminati BBS, were confiscated.
At that time, a 'retired' member of the LoD, who was identified as 'The
Mentor' was arrested. The charges reportedly are related to the recent 911
bust that has shut down Jolnet and ATTATC (or whatever Killer used to be
called). His home system was confiscated, complete with an entire collection
of "Phrack" issues and related paraphanalia.
As of this writing, the Mentor is reportedly out on bail, sans system and
network connection. The Illuminati BBS is still down, although SJ Games is
back in operation, and no charges have been filed against any of the employees
other than The Mentor. The systems owned by SJ Games have not been returned as
of this writing.
Finally, rumors were trickling in early this morning (Saturday, 3/4) that two
BBS's in Dallas, three in Houston, and one in San Antonio were busted by the
same authorites in relation to the same case.
[in light of the Mentor's posted defense of the LoD, I kinda thought you'd
like to see this one! - OM]
News is that Illuminati BBS, a system run by a company named Steve Jackson
Games somewhere in Texas, was also shut down and its equipment seized by the
federal government because two suspected Legion of Doom members were among its
users.
...I've just gotten a new update on the Mentor's recent apprehension by the
Feds. Thought you might like to hear something as close to as direct from the
Mentor as possible under the circumstances.
From: Daneel Olivaw #96 @5283 Date: Sun Mar 04 19:55:28 1990
I'll have to play the Mentor for now (with permission granted).
If you haven't heard the rumors, here is the truth.
The Mentor was awakened at 6:30am on Thursday (3/1/90) with the gun of a
Secret Service agent pointed at his head. The SS proceded to search and seize
for the next 4 1/2 hours. Things taken include an AT with 80mb HD, HP
LaserJet II, various documents, and other things. They then proceded to raid
his office at work, and sieze the computer and laser printer there. Lost in
the shuffle was a complete novel (being written and due in 2 weeks), and
various other things.
Across town: Those of you who know Erik Bloodaxe, he was also awakened, and
his house searched.
Neither have been charged with anything, but they expect to at least be called
as witnesses at the case of the Phrack Boys (Knight Lightning and Tarren King)
in Chicago April 15.
Apparently, they did a shoddy job, as they tagged a book that Mentor had
borrowed from me (Quarterman's "The Matrix"), and then forgot to take it, oh
well....
It ain't lookin so lovely. Also the UT computer systes are under *VERY* close
watch, as they were/are being hacked on by hackers around the world, including
some in Australia, and England.
OM
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 6 of 11 ***
*** Feds Hassle Employers ***
***************************************************
The following buffered file was captured from ILLUMINATI BBS, a legitimate,
above board, business BBS in Texas. It belonged to Steve Jackson, who runs a
business for writing computer games. An employee worked there who was
investigated by the Secret Service. The employee was "visited" at his home at
6:30 in the morning, his equipment was confiscated, and then the pheds went to
his place of employment, Steve Jackson Games, and confiscated some *BUSINESS
EQUIPMENT* "just in case." Although it is not clear what the employee had
done, his "evil vibes" may have spread, so off went the pheds with the
equipment after closing the shop for over half a day! We reprint this because,
in the CURRENT WITCH HUNT FOR COMPUTER UNDERGROUND MEMBERS, the lesson is:
IT CAN HAPPEN TO YOU!!
-----------------------
------- start of text from Illuminati BBS -------
NOTE! WE RECOMMEND YOU OPEN YOUR CAPTURE BUFFER AS YOU READ THE
FOLLOWING INFORMATION, OR AT LEAST BE READY TO USE ^S AND ^Q TO
STOP THE SCROLLING AS YOU READ.
PRESS RETURN:
GREETINGS, MORTAL! YOU HAVE ENTERED
THE SECRET COMPUTER SYSTEM OF
/%
/ %
/ () %
/ ____ %
/ / % %
/__________%
THE ILLUMINATI
FRONTED BY STEVE JACKSON GAMES
INCORPORATED. ALL RIGHTS RESERVED. FNORD
NOTE! AT THE MOMENT ILLUMINATI IS AN READ-ONLY SYSTEM. READ THE
INFORMATION BELOW TO FIND OUT WHY. USING THE SPACE BAR WILL LOG YOU
OFF. YOU CAN STOP THE SCROLLING AT ANY TIME WITH A CONTROL-S.
CONTROL-Q WILL RESUME THE SCROLLING.
YOU MAY HAVE NOTICED THAT OUR CORPORATE MASCOT, WHO USUALLY GREETS OUR
CALLERS WITH A CHEERFUL SMILE, IS FROWNING TODAY. I THINK YOU'LL AGREE
HE HAS EVERY RIGHT TO.
BEFORE THE START OF WORK ON MARCH 1, STEVE JACKSON GAMES WAS VISITED
BY AGENTS OF THE UNITED STATES SECRET SERVICE. THEY SEARCHED THE
BUILDING THOROUGHLY, TORE OPEN SEVERAL BOXES IN THE WAREHOUSE, BROKE A
FEW LOCKS AND DAMAGED A COUPLE OF FILING CABINETS (WHICH WE WOULD
GLADLY HAVE LET THEM EXAMINE, HAD THEY LET US INTO THE BUILDING),
ANSWERED THE PHONE DISCOURTEOUSLY AT BEST, PROBABLY ATE A FEW OF THE
ORANGE SLICES THAT WERE ON FEARLESS LEADER'S DESK (WHICH THEY WERE
WELCOME TO, BY THE WAY), AND CONFISCATED SOME COMPUTER EQUIPMENT,
INCLUDING THE COMPUTER THAT THE BBS WAS RUNNING ON AT THE TIME.
SO FAR WE HAVE NOT RECEIVED A CLEAR EXPLANATION OF WHAT THE SECRET
SERVICE WAS LOOKING FOR, WHAT THEY EXPECTED TO FIND, OR MUCH OF
ANYTHING ELSE. WE ARE FAIRLY CERTAIN THAT STEVE JACKSON GAMES IS NOT
THE TARGET OF WHATEVER INVESTIGATION IS BEING CONDUCTED; IN ANY
CASE, WE HAVE DONE NOTHING ILLEGAL AND HAVE NOTHING WHATSOEVER TO
HIDE. HOWEVER, THE EQUIPMENT THAT WAS SEIZED IS APPARENTLY CONSIDERED
TO BE EVIDENCE IN WHATEVER THEY'RE INVESTIGATING, SO WE AREN'T LIKELY
TO GET IT BACK ANY TIME SOON. IT COULD BE A MONTH, IT COULD BE NEVER.
IN THE MEANTIME, FEARLESS HAS LOANED STEVE JACKSON GAMES THE APPLE SYSTEM
THE BBS RAN ON BACK IN THE OLD DAYS BEFORE JOLNET. TO MINIMIZE THE POSSI-
BILITY THAT THIS SJSTEM WILL BE CONFISCATED AS WELL, WE HAVE SET IT UP TO
DISPLAY THIS BULLETIN, AND THAT'S ALL. THERE IS NO MESSAGE BASE AT PRESENT.
WE APOLOGIZE FOR THE INCONVENIENCE, AND WE WISH WE DARED DO MORE THAN
THIS. HOWEVER, WE AGONIZED LONG AND HARD, AND DECIDED IT WAS A COURTESY TO
OUR CALLERS TO LET THEM KNOW WHAT WAS HAPPENING.
AT THIS POINT WE DON'T KNOW WHEN THE BBS WILL BE BACK UP FOR REAL. IF
YOU HAVE IMPORTANT INFORMATION FOR US, SUCH AS PLAYTEST NOTES, YOU CAN
MAIL THEM TO US (YEAH, I KNOW, ECCH) OR IF IT'S SOMETHING TRULY
IMPORTANT, YOU CAN REACH US AT OUR VOICE NUMBER (512-447-7866). IN THE
MEANTIME, FEARLESS WILL BE CHECKING IN ON A REGULAR BASIS ON SMOF
(512-UFO-SMOF) AND RED OCTOBER (512-834-2548).
IN PARTICULAR, IF YOU HAVE DOWNLOADED THE GURPS CYBERPUNK PLAYTEST
MATERIAL THAT WAS ON THE BOARD, PLEASE LET US KNOW RIGHT AWAY SO WE
CAN ARRANGE TO GET A COPY. SOME OF THAT MATERIAL WAS NOT EASILY
REPLACABLE, AND WE WOULD LIKE TO GET COPIES - IT WOULD MAKE GETTING
GURPS CYBERPUNK OUT MUCH, MUCH EASIER (AND IT WOULD COME OUT THAT MUCH
SOONER). PLEASE CALL US AND ASK TO TALK TO CREEDE OR LOYD FOR
ARRANGEMENTS.
THANK YOU FOR YOUR UNDERSTANDING, AND THANKS TO EVERYONE WHO HAS GIVEN
US WORDS OF ENCOURAGEMENT AND SUPPORT. WE HOPE WE'LL BE BACK ON LINE,
FULL TIME, VERY SOON.
-- STEVE JACKSON GAMES AND
THE SYSOPS OF THE ILLUMINATI BBS
------- end of text from Illuminati BBS -------
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 7 of 11 ***
*** Jolnet Involvement, Part 1 ***
***************************************************
When authorities investigated the Legion of Doom's alleged illicit activities,
they apparently were aided by JOLNET, a BBS in Lockport (near Joliet)
Illinois. Despite the cooperation, the board closed down, at least
temporarily, and some of their equipment was confiscated. The sysop reportedly
lost his job, although the details are not fully clear. The following
summarizes JOLNET's involvement and raises some scary issues.
The following is from TELECOM DIGEST (Vol 10, #166, msg 1, March 12).
------------
The operator of an Illinois computer bulletin-board system apparently helped
federal officials crack a multi-state ring of hackers now charged with
breaking into a computer system running a 911 system in the South and
distributing a highly technical on- line manual describing how to run - and
disrupt - the system.
Federal officials are not saying much about the investigation, except to say
it is continuing, but observers in the telecommunications field say it may be
widened to include a close look at hundreds of on-line break-ins and attempted
break-ins of computers tied to the international Usenet network since last
summer.
Ironically, though, the Illinois system operator had his system seized by the
government as evidence in the case. The government may also be seizing other
bulletin-board systems the hackers may have used. And that raises some
troubling questions about the protection of electronic mail and
First-Amendment rights on electronic networks.
Charged so far are four members of the %%Legion of Doom,'' which federal
officials allege did things such as re-programming computerized phone switches
and changing people's computerized credit ratings.
Federal authorities were apparently aided by Rich Andrews, operator of Jolnet,
one of a small but growing number of private systems connected to the Usenet
international computer network (itself a part of the Internet research
network).
In an interview with Patrick Townson, who moderates a telecommunications
conference on Usenet, Andrews says his involvement began about 18 months ago.
According to Townson, Andrews noticed the 911 documentation had been uploaded
to his system and promptly sent it to another Usenet-linked BBS operated by
AT&T, with a request that it be sent to the right people there.
Andrews acknowledged, though, that he then kept a copy of the text himself. A
few months later, AT&T contacted him, asking him for the manual, and then the
feds got in touch with him. It was then, about a year ago, Townson says, that
Andrews decided to cooperate with the feds.
According to Townson, Andrews said the 911 software was just %%a small part of
what this is all about...''
As part of the investigation, Andrews did nothing about the Legion of Doom
members allegedly using his system to pass the 911 manual back and forth and
to develop programs to crack other systems, Townson says.
If convicted, the alleged hackers face upwards of 30 years in jail and several
hundred thousands of dollars in fines.
The seizure of Andrew's system has a number of system operators worried.
Unlike phone companies, which cannot be held liable for the actions of their
subscribers, computer bulletin-board systems fall into one of those gray areas
that remain unsettled.
Already, Bill Kuykendall, who runs a Chicago system similar in operation to
Jolnet, has tightened up his requirements for who he will let on the system.
%%Today, there is no law or precedent which affords me, as owner and system
administrator of The Point, the same legal rights that other common carriers
have against prosecution should some other party (you) use my property (The
Point) for illegal activities,'' he wrote in a recent message to users of his
system. %%That worries me.
%%By comparison, AT&T cannot be held liable should someone use their phone
lines to transmit military secrets to an enemy. Likewise, Acme Trucking is
not vulnerable to drug trafficking charges should they pull a sealed trailer
of cocaine to some destination unknowingly. Yet somehow, I am presumed to be
cognizant of the contents of every public message, mailed message, and file
upload that passes through this public access system. On a system this size,
that may be nearly a gigabyte (1+ Billion characters!) of information a year.
%%I fully intend to explore the legal questions raised here. In my opinion,
the rights to free assembly and free speech would be threatened if the owners
of public meeting places were charged with the responsibility of policing all
conversations held in the hallways and lavatories of their facilities for
references to illegal activities.
%%Under such laws, all privately owned meeting places would be forced out of
existence, and the right to meet and speak freely would vanish with them. The
common sense of this reasoning has not yet been applied to electronic meeting
places by the legislature. This issue must be forced, or electronic bulletin
boards will cease to exist.''
>--------=====END=====--------<
***************************************************
*** Pirate Magazine Issue I - 5 / File 8 of 11 ***
*** Jolnet Involvement, Part 2 ***
***************************************************
Here's some more info on JOLNET and the issues involved send from a
contributor who subscribes to TELECOM DIGEST, where the LoD busts
seem to have stimulated some interest.
----------------------
Date: 27 Feb 90 08:33:51 GMT
Sender: [email protected]
Organization: TELECOM Digest
Lines: 24
Approved: [email protected]
X-Submissions-To: [email protected]
X-Telecom-Digest: Volume 10, Issue 131, Message 4 of 8
From what I have noted with respect to Jolnet, there was a serious
crime committed there -- by the FBI. If they busted a system with email
on it, the Electronic Communication Privacy Act comes into play.
Everyone who had email dated less than 180 days old on the system is
entitled to sue each of the people involve in the seizure for at least
$1000 plus legal fees and court cost. Unless, of course, the FBI did
it by the book, and got warrants to interfere with the email of all
who had accounts on the systems.
If they did, there are strict limits on how long they have to inform
the users. A case of this type has been filed (just under the two
year limit) in Los Angeles Federal Court. I have hard copy, will try
to get it typed in and see about posting it.
Incidentally, the entire text of the ECPA is on Portal. The section
you want to look at is 2701-2707. Keith Henson
[email protected]
[Moderator's Note: From what I have heard, there were serious crimes
committed there alright.... and the feds had their papers in order.
I'm rather sure they will observe the law. PT]
----------------------------------------------------------------------
>From: Chip Rosenthal <[email protected]>
Subject: Re: AT&T Sourcecode: Poison!
Date: 3 Mar 90 00:00:00 GMT
Organization: Unicom Systems Development, Austin (yay!)
[Moderator's Note: Original date of 2/25 changed to prevent premature
expiration. PT]
You've got a lot of nerve, Patrick.
[email protected] (TELECOM Moderator) writes:
>We're told by a deep-throat type that AT&T is on the war path about
>their software [...] Like jolnet, netsys went down abruptly, with
>*everything* confiscated [...] Now comes news that attcdc [sic], formerly
>known as killer went off line in a hurry.....
Yessir, after all your complaints about that about anonymous Legion of
Doom message, this is a really crummy thing to post. Based upon
unattributed conversations, you imply that Len Rose and Charlie Boykin
were involved in wrongdoing which lead to the shutdown of their
systems.
I don't know Len personally, but have had uucp connections with him in
the past. Charlie, on the other hand, I do know personally. He is
very well regarded in the Dallas/Fort Worth area, and was voted "1989
DFW Administrator of the Year" by the DFW lunch-bunch...errr....DFW
Association of Unix System Administrators.
You have cast some crummy aspersions towards these guys. Since I know
them, I will wait for the facts to come in. Others who don't know
them could very well jump to conclusions on the basis of this posting.
Was this message really called for?
Chip Rosenthal | Yes, you're a happy man and
you're
[email protected] | a lucky man, but are you a smart
Unicom Systems Development, 512-482-8260 | man? -David Bromberg
------------------------------
Date: Wed, 28 Feb 90 21:38:39 EST
>From: Mike Riddle <Mike.[email protected]>
Subject: Jolnet Seizure
Reply-to: Mike.[email protected]
Organization: DRBBS Technical BBS, Omaha, Ne. 402-896-3537
Has anyone tried a novel legal approach to the case of equipment
seizure as "evidence"? As I remember the Electronic Communications
Privacy Act, it contains specific procedures for authorities to obtain
copies/listings of data on a system (which system may have been used
for illegal purposes, but whose operator is not at the moment
charged). From this I think a creative attorney could construct an
argument that the national policy was not to seize equipment, merely
to obtain all the information contained therein. After all, it's the
data that caused any harm.
Also, the Federal Rules of Evidence, and most state rules, provide
that computer generated copies are "originals" for evidentiary
purposes.
I hope that someone close enough to the scene can keep us informed
about what is happening on this one.
%standard disclaimer goes here--don't pay any attention to me!%
------------------------------
>From: [email protected]
Subject: Article Regarding JOLNET/e911/LoD/Phrack
The following is an article I received five days ago which contains, to my
knowledge, information as yet unpublished in comp.dcom.telecom regarding the
ongoing JOLNET/e911/LoD discussion. It was printed in a weekly magazine
with a publishing date of Feb. 27 but other than that I have no exact idea
of when the events mentioned herein took place.
- Ben Rooney
MISSOURI STUDENT PLEADS INNOCENT IN 911 SYSTEM INTRUSION CASE
Craig Neidorf, a 19-year-old University of Missouri student, has
pleaded not guilty to federal allegations that he invaded the 911
emergency phone network for 9 states.
As reported earlier, he was indicted this month along with Robert J.
Riggs, 20, of Decatur, Ga. Both are charged with interstate
transportation of stolen property, wire fraud, and violations of the
federal Computer Fraud and Abuse Act of 1986.
Prosecutors contend the two used computers to enter the 911 system of
Atlanta's Bell South, then copied the program that controls and
maintains the system. The stolen material later allegedly was
published on a computer bulletin board system operating in the Chicago
suburb of Lockport. Authorities contend Neidorf edited the data for
an electronic publication known as "Phrack."
According to Associated Press writer Sarah Nordgren, in a recent
hearing on the case Assistant U.S. Attorney William Cook was granted a
motion to prevent the 911 program from becoming part of the public
record during the trial. U.S. District Judge Nicholas Bua set April
16 for a trial.
The 911 system in question controls emergency calls to police, fire,
ambulance and emergency services in cities in Alabama, Mississippi,
Georgia, Tennessee, Kentucky, Louisiana, North Carolina, South
Carolina and Florida.
---------------------------------------
Article from "A Networker's Journal" by Charles Bowen.
Info-Mat Magazine (Vol. 6, No. 2)
[Moderator's Note: %Info-Mat Magazine%, by the way, is the excellent
electronic journal distributed on many BBS machines throughout the
United States who are fortunate enough to be accepted as part of the
magazine's distribution network. I personally wish it was distributed
on Usenet as well: it is well written and very informative. PT]
------------------------------
Date: Sat, 3 Mar 90 19:34:54 CST
>From: TELECOM Moderator <[email protected]>
Subject: A Conversation With Rich Andrews
After the first articles appeared here relating to the seizure of
Jolnet, and the indictment of some people for their part in the theft
of '911 software', I got various messages from other folks in
response. Some were published, while others were just personal
correspondence to me. One from Chip Rosenthal was held over, and is
included in this special issue today.
One writer, whose comments were attributed to 'Deep Throat' spent some
time on two occassions on the phone, in a conference call between
himself, David Tamkin and myself.
What was lacking in the several messages which appeared over the past
week were comments from Rich Andrews, system administrator of Jolnet.
I got one note from someone in Canada who said Andrews wanted to speak
with me, and giving a phone number where I could call Andrews at his
place of employment.
I put in a call there, with David Tamkin on the other line and had a
long discussion with Andrews, who was aware of David being on the line
with me. I asked Andrews if he had any sort of net access available
to him at all -- even a terminal and modem, plus an account on some
site which could forward his mail to telecom. You see, I thought, and
still think it is extremely important to include Rich Andrews in any
discussion here.
He assured me he did have an account on a Chicago area machine, and
that a reply would be forthcoming within hours. I had a second
conversation with him the next morning, but without David on the line.
He again told me he would have a response to the several articles
written in the Digest ready and in the email 'very soon'. This was on
Wednesday morning, and we estimated his message would be here sometime
later in the day -- certainly by midnight or so, when I am typically
working up an issue of the Digest.
Midnight came and went with no message. None showed up Thursday or
Friday. I deliberatly withheld saying anything further in the hopes
his reply would be here to include at the same time. I guess at this
point we have to go on without him.
When David Tamkin and I talked to him the first time, on Tuesday
evening this past week, the first thing Andrews said to us, after the
usual opening greetings and chitchat was,
"I've been cooperating with them for over a year now. I assume you
know that."
We asked him to define 'them'. His response was that 'them' was the
United States Secret Service, and the Federal Bureau of Investigation.
He said this without us even asking him if he was doing so.
We asked him to tell us about the raid on his home early in February.
He said the agents showed up that Saturday afternoon with a warrant,
and took everything away as 'evidence' to be used in a criminal
prosecution.
ME> "If you have been working and cooperating with them for this long,
why did they take your stuff?"
RA> "They wanted to be sure it would be safe, and that nothing would be
destroyed."
ME> "But if you wanted to simply keep files safe, you could have taken
Jolnet off line for a few weeks/months by unplugging the modems from
the phone jacks, no? Then, plugged in a line when you wanted to call
or have a trusted person call you."
RA> "They thought it was better to take it all with them. It was mostly
for appearance sake. They are not charging me with anything."
ME> "Seems like a funny way to treat a cooperative citizen, at least
one who is not in some deep mess himself."
He admitted to us that several crackers had accounts on Jolnet, with
his knowledge and consent, and that it was all part of the investigation
going on ... the investigation he was cooperating in.
Here is how he told the tale of the '911 software':
The software showed up on his system one day, almost two years ago. It
came to him from netsys, where Len Rose was the sysadmin. According to
Andrews, when he saw this file, and realized what it was, he knew the
thing to do was to 'get it to the proper authorities as soon as
possible', so he chose to do that by transferring it to the machine
then known as killer, a/k/a attctc, where Charlie Boykin was the
sysadmin.
Andrews said he sent it to Boykin with a request that Boykin pass it
along to the proper people at AT&T.
ME> "After you passed it along to Boykin, did you then destroy the
file and get it off your site?"
RA> "Well, no... I kept a copy also."
ME> "Did Charlie Boykin pass it along to AT&T as you had requested?"
RA> "I assume he did."
But then, said Andrews, a funny thing happened several months later.
The folks at AT&T, instead of being grateful for the return of their
software came back to Andrews to (in his words) 'ask for it again.'
Somehow, they either never got it the first time; got it but suspected
there were still copies of it out; or were just plain confused.
So he was contacted by the feds about a year ago, and it was at that
point he decided it was in his best interest to cooperate with any
investigation going on.
Andrews pointed out that the '911 software' was really just ".... a
small part of what this is all about..." He said there was other
proprietary information going around that should not be circulating.
He said also the feds were particularly concerned by the large number
of break-ins on computers which had occurred in the past year or so.
He said there have been literally "....thousands of attempts to break
into sites in the past year....", and part of his cooperation with the
authorities at this time dealt with information on that part of it.
We asked him about killer/attctc:
ME> "You knew of course that killer went off line very abruptly about
a week ago. What caused that? It happened a week or so after the feds
raided you that Saturday."
RA> "Well the official reason given by AT&T was lack of funds, but you
know how that goes...."
Now you'd think, wouldn't you, that if it was a funding problem -- if
you can imagine AT&T not having the loose change in its corporate
pocket it took to provide electrical power and phone lines to attctc
(Charlie got no salary for running it) -- that at least an orderly
transition would have taken place; i.e. an announcement to the net; an
opportunity to distribute new maps for mail and news distribution,
etc; and some forthcoming shut down date -- let's say March 1, or
April 1, or the end of the fiscal year, or something....
But oh, no... crash boom, one day it is up, the next day it is gone.
ME> "What do you know about the temporary suspension of killer some
time ago? What was that all about?"
RA> "It was a security thing. AT&T Security was investigating Charlie
and some of the users then."
Andrews referred to the previous shutdown of killer as 'a real blunder
by AT&T', but it is unclear to me why he feels that way.
We concluded our conversation by Andrews noting that "there is a lot
happening out there right now."
He said the [Phrack] magazine distribution, via netsys, attctc and
jolnet was under close review. "One way to get them (crackers) is by
shutting down the sites they use to distribute stuff..."
And now, dear reader, you know everything I know on the subject. Well,
almost everything, anyway....
From other sources we know that Len Rose of netsys was in deep
trouble with the law *before* this latest scandal. How deep? Like he
was ready to leave the country and go to the other side of the world
maybe? Like he was in his car driving on the expressway when they
pulled him over, stopped the car and placed him under arrest? Deep
enough? This latest thing simply compounded his legal problems.
Patrick Townson
>--------=====END=====--------<
|
|
