------------------------------ Date: 22 September, 1990 From: Gordon Meyer Subject: Review of Steven Levy's CLOAK AND DAGGER ******************************************************************** *** CuD #2.04: File 6 of 7: Review of Levy's Cloak and Dagger *** ******************************************************************** CuD Synopsis "Code and Dagger" by Steven Levy The Iconoclast, MacWorld 9/90 p69-80 Summary by Gordon Meyer ------------------------ In the spring of 1988 a group using the name "The nuPrometheus League (Software Artists for Information Dissemination)" mailed unmarked computer disks to several prominent computer industry journalists and authors. These disks contained Apple Computer source code to the Color Quick Draw routines used in the Macintosh operating system. One year later the author, Steven Levy, reports that he recently received a series of phone calls from an FBI agent investigating the case. Levy's column ("The Iconoclast") in the September 1990 issue of MacWorld paints an interesting story about the investigation, much of it mirroring the issues raised by the Secret Service's "Operation Sun devil" and other computer crime investigations. In his article Levy tells of the Agent repeatedly questioning him about nuPrometheus, despite Levy's denials of have any real knowledge of the matter. The agent appeared to be reading the questions of a list, without any real understanding of the answers he was receiving. Two weeks later Levy received a call from a different agent and when this agent was queried how he came to be questioning the author the reply was "Somehow your name came up". When asked why the FBI was pursuing the case one year later, despite the fact that no other nuPrometheus activity had occurred since the original incident, the answer was that this was a significant case of Interstate Transportation of Stolen Property and could be equated with the theft of a national secret. For, the agent explained, if a spy were to come by this code he could use to break into the Macintosh computer and steal the secrets within! Levy reports that others have been interviewed in conjunction with the case as well. One, Mitch Kapor, described his interview as being almost surrealistic and profoundly disturbing. Levy quotes Kapor as saying: "It seemed obvious to me they didn't have a clear sense of the technology - there was such a lack of understanding that the effort to investigate wouldn't bear fruit. They were lost in cyberspace." Others who were interviewed report similar experiences. John Perry Barlow was told that the annual Hacker's Conference (a yearly meeting of highly-skilled computer programmers) was actually a gathering of computer outlaws. Grady Ward, a former Apple programmer, was told that the stolen source codes was filtering back to Communist enemies (via Toshiba electronics). Levy, attempting to tip the scales of discourse back towards more rational thought, writes: "That (the claim that this is a case of interstate theft) may be the legal charge, but the theft of source code involved in nuPrometheus is quite a different matter from hijacking a truck or robbing a bank. Software is a much trickier object than swag or money - it can move in elusive ways, and therefore access to protected software is a technically complicated matter. And the problem of the criminal's motive requires an even deeper understanding. In order to understand and ultimately apprehend the perpetrator, one must realize that this particular crime seems motivated not by greed or maliciousness, but by a peculiar attitude toward technology in general and the role of Apply Computer in particular." ... "One has to feel some sympathy for the agents here - it's a terrible burden to have to solve this rather bizarre ideological crime without being steeped in the lore of Silicon Valley." (p.74) CuD readers will immediately recognize the similarities between this investigation and those associated with Operation sun devil. In both instances the investigators have constructed a list of suspects based on associations with "suspected hackers" and have defined cultural and socially normative activities as "conspiratorial" or "criminal" without regard for other, less accusatory, interpretations that could apply. The nuPrometheus investigation has resulted, thus far, in at least three people being directly accused of the crime, but (like in the sun devil cases) no formal charges have been filed. One suspect, Grady Ward, was told by an agent "we know you did it" and is evidently considered a suspect because he's one of five likeliest Apple employees that had requested access to the source code shortly before it fell into the hands of nuPrometheus. The feds consider him a suspect because "He had since left Apple, he had attended a liberal arts college, and had once formed an intellectual society called Cincinnatus, thus betraying the same fondness for antiquity shown by the name nuPrometheus." (p.76) Ward admits having had the source code at one time, but it was part of his job to have it, and besides, he says, it was distributed to hundreds of people in the project group via Internet. In his article Levy poses several questions concerning this investigation. One of which, he says, is why the FBI is spending it's resources to follow this case rather than chasing the white-collar thieves who sacked the country for a trillion dollars in the Savings-and-Loan fiasco. After all, he notes, Apple has managed to stay in business despite the theft of the code, and nuPrometheus has not followed up on their promise to release other inside information. Levy goes on to suggest that some in Silicon Valley believe that Apple, perhaps via it's security firm (Kroll Associates, believed to have a number of former federal agents on staff), has pressured the FBI into pursuing the case. Again, this sounds quite similar to the "Phrack - E911" case where it has been conjectured that Bell South persuaded the Government to pursue a case that could not be won. Levy concludes by suggesting that we may not have heard the least of the nuPrometheus investigation. Stephen Satchell, a computer writer in Reno, told Levy that the FBI agent who interviewed him had a list of potential interviewees that numbered around 60 people, in 39 states. Levy leaves us with one final question. "... when does an investigation become a witch-hunt?" It's a question that CU followers have heard before. --------- GRM Internet: 72307.1502@Compuserve.com Moderators Note: CuD-ites are encouraged to see Levy's full article in MacWorld. Like his work _Hackers_, Mr. Levy consistently produces entertaining and thought-provoking articles. END ******************************************************************** >> END OF THIS FILE << *************************************************************************** Downloaded From P-80 International Information Systems 304-744-2253 12yrs+