Computer underground Digest Sun May 16 1993 Volume 5 : Issue 36 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Copy Editor: Etaoin Shrdlu, Senrio CONTENTS, #5.36 (May 16 1993) File 1--Yet Another "LOD" Pretender! File 2--Building Bridges of Understanding in LE & Comp. Community File 3--Crypto-Schemes/Mobile Digital Services in Australia File 4--More on Free Speech & Cyberspace File 5--Gene Spafford's Farewell File 6--UPDATE #3-AB1624 Online Access to Legislation / ACT BY 5/13 Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL0 and DL12 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG WHQ) 203-832-8441 NUP:Conspiracy CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in Luxembourg BBS (++352) 466893; ANONYMOUS FTP SITES: UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud uglymouse.css.itd.umich.edu (141.211.182.53) in /pub/CuD/cud halcyon.com( 202.135.191.2) in /pub/mirror/cud AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD. EUROPE: nic.funet.fi in pub/doc/cud. (Finland) ftp.warwick.ac.uk in pub/cud (United Kingdom) Back issues also may be obtained through mailserver at: server@blackwlf.mese.com COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Sat, 15 May 1993 12:12:22 CDT From: CuD Moderators Subject: File 1--Yet Another "LOD" Pretender! After the "hacker crackdowns" in 1990, in which the LOD was brought to national media attention, it seemed that the group became associated with every major computer incident that hit the national press. A few examples of unsubstantiated LOD involvement include: The claim by federal prosecutors that Len Rose was the LOD mastermind; A logic bomb defused in AT&T computers in 1990 that law enforcement suspected might be LOD-inspired; An airforce "hacker" thought to be an LOD member in 1990; the juveniles busted with "Kyrie" for fraud were believed to be associated with LOD; "Maverick's" 1992 claim that he was an LOD "hacker;" and Michigan juveniles assumed to be LOD because of "text files" associated with the group found in their possession. Although the media seem less inclined to attribute LOD membership to any computer delinquent found in possession of LOD/TJ #2 or Phrack, there remain too many juveniles out there who believe that they can appropriate the name for themselves. We've been asked about the latest pretender, who has circulated the following to several Usenet groups: *** begin start of circulated document *** From--TDC Organization--The Zoo of Ids Release Date: 4 May 16:07 EDT READ AND DISTRIBUTE EVERYWHERE - READ AND DISTRIBUTE EVERYWHERE *************************************************************** Important Anouncement: The LOD Legion of Doom Is Back! No that has not been a mis-print ... the LOD has returned! The world's greatest hacking group has formally been reinstated to bring back dignity and respect to a scene that has rapidly deteriorated since its departure. *** end excerpt *** The addressee has not responded to CuD inquiries, but there appears to be no connection between the pretender and the original LOD. One original LOD member submitted a strong criticism of the poster in Telecom Digest (V13, #327), which reads in part: From--todd@hal.gnu.ai.mit.edu (The Marauder) Subject--Legion of Doom! - The Real One Date--13 May 1993 21:55:46 -0400 Let me set the record straight: This "NEW" Legion of Doom, coming from "tdc@zooid.guild.org" has _NOTHING_ whatsoever to do with the Legion of Doom! group that was formed approximately mid-1984, of which I was a member. The "real" LoD continued as a group until somewhere around 1990. Those of you really interested in the whole thing can read all about it in the electronic publication called "Phrack", which is available at the anon ftp site "ftp.eff.org", in the "/pub/cud/phrack" directory. I believe "Phrack" issue #31 contains "The History of The Legion of Doom!" which was written by Lex Luthor (founder of the whole thing), and edited by Erik Bloodaxe. The article contains a brief history of us, and ALL them members of the real group, and is the final word as to who was/was not in LoD. I think you will find no mention of this (ahem) Lord Havoc character. I believe "ftp.eff.org" also contains all the LOD Technical Journals in "pub/cud/lod". The Legion of Doom! as a hack/phreak group DOES NOT EXIST ANYMORE. These clowns running around the internet calling themselves the "NEW" LoD are simply some all the LOD Technical Journals in "pub/cud/lod". The Legion of Doom! as a hack/phreak group DOES NOT EXIST ANYMORE. These clowns running around the internet calling themselves the "NEW" LoD are simply some kids having fun with you all, so relax, take a deep breath, and forget the whole thing. I am quite convinced you'll not hear much more from them ;). Some members of the *original* LOD are currently compiling a documentary history of the computer underground in the mid-1980s, and from what we've seen, it promises to be a valuable contribution to understanding that period. CuD will provide an extended review of their material in the next week or two. ------------------------------ Date: Thu, 13 May 1993 22:51:01 EDT From: CuD Moderators Subject: File 2--Building Bridges of Understanding in LE & Comp. Community Attempts to generate dialogue between the "computer culture" and law enforcement have proceeded slowly over the past few years. The EFF's early activities included attempts to make law enforcement personnel aware of the civil liberties issues related to cyberspace; Conferences, such as Computers, Freedom & Privacy, or the annual "Hackers' Conference" have brought diverse groups together face-to-face; and public access systems such as The Well in California have had some success in bringing different groups into an on-line dialogue. The problem with many of these formats is that they tend to exclude the average computer user or law enforcement agent. There's now an alternative. Kim Clancy, a security specialist for the Dept. of Treasury's Office of Public Debt, has begun the "round-table forum on Mindvox to bring a variety of views into open dialogue. The intent is to increase the understanding by the public of the legitimate tasks of law enforcement, and to expand an awareness of the civil liberties concerns of the computer public for investigators and others. Law enforcement personnel are understandably hesitant to engage in such discussions. But, from what I've seen, there is no ranting, the discussions are generally of high quality (although an occasional topic drift does occur), and those participating are sincere in their attempts to stimulate discussion. The obvious question, of course, is: Why should law enforcement personnel bother discussing these issues with an audience that includes "kids," law students, attorneys, professors, computer specialists, and other LE agents? To us, the answer is simple: If the goal is to minimize computer abuse rather than to simply "prosecute," then open dialogue is a cost-effective and efficient way of educational outreach. It's in everybody's interests for law enforcement personnel to encourage and participate in these dialogues. Kim Clancy moderates the round-table forum with a gentle, but incisive hand. She combines her experiences as a security specialist with her belief in the value of dialogue and information-sharing as an educational tool as a means of building bridges and promoting understanding. We share her view that increased understanding is a significant means of decreasing unacceptable accesses. Kim's credentials for moderating this type of a forum are impressive. In addition to her security and anti-virus skills, she set up the AIS BBS, BBS run by Dept. of Treasury, Bureau of Public Debt. Run by Computer Security Branch, AIS BBS is intended as a resource for security specialists, scholars, or others seeking information about the varieties of computer abuse and how to combat them. The files range from CERT advisories, documents on viruses, and "underground" files to simple public domain/shareware utilities, such as virus checkers. For those lacking ftp access, AIS BBS is an excellent source of information and a public service of value to a broad range of computer professionals and researchers. The AIS number is currently (304) 420-6083, in late may it will change to (304) 480-6083. The following extracts from Mindvox's round-table forum illustrate the goals and tenor of the discussions there: +++ Begin Excerpts +++ Post: 8 of 296 Subject--what this is about From--sbranch (Kim Clancy) Date--Tue, 09 Mar 93 08:38:15 EST In-Reply-To-- I (and others) asked mindvox to start this forum to give LE and others a place to meet and discuss topics. I have been getting folks together for awhile and wanted to find a public place I could send folks to meet instead of me taking all this time to run around and patch folks together. there are numerous LE types that would like this exchange to occur and I'll et them know its now open. I belong to a private :) security forum with a bunch and will pass it on. Probably one of the best areas I have seen set up for this was on Gheps bbs. It was called Security and the Security Impaired (you figure out who is whom). Anyway if there is anyone specific you would like to see on, let me know and I will see what I can do. Btw, I'm not an LE type, but manager a computer security unit for the Federal Gov. but this is being done on my own and the gov. doesn't endorse my actions...and other standard disclaimers... >From what I have experienced, ignorance breeds fear, fear breeds stupid behavior...like SJG games stuff (yea Mike btw on his work!) If we can use this place ot chip away at the ignorance, it can't hurt. It won't be a cure all but it won't hurt...will it? +++++ Post--12 of 296 Subject--Re--what this is about From--cudigest (Jim Thomas) Date--Thu, 11 Mar 93 00:16:36 EST In-Reply-To-- In principle, it's a fantastic idea to get both sides talking. The reality is that those who could most benefit are those least likely to participate. The Secret Service is a prime example of a group that seems unable and/or unwilling to learn by its mistakes. Local/regional "computer-crime" enforcers seem enmeshed in the control mentality, and have neither incentive nor willingness to understand the other side. It's discouraging. Nonetheless, any attempts at dialogue are worthwhile. Struggle's as long as history, and change requires persistence. The trick is to get the LE types on-line and, if not talking, at least reading. But, from what I've seen from LE documents, what the read is more likely to turn up in indictments rather than be the fodder for thought. Two questions: What kinds of topics might LE be willing to discuss, and what kinds of changes are likely to occur from the discussions? ++++++ Post--162 of 194 Subject--About LE From: kcit (Ken Citarella) Date: Thu, 01 Apr 93 09:59:38 EST In-Reply-To: I took a quick look at some postings since I was last here, and am glad to see that not all LE people are perceived as evil despotic lunatics. Neither are the phone companies. They spend a lot of money to create their systems and they sell their services to earn a profit. Some people may prefer a world where telephone, indeed all telecom services are free to all, but that is not the American way, at least not now. When the telecom infrastructure is paid for entirely out of taxes (which none of us, or few, would be too happy about) and defined by the courts or legislature as a free fundamental right of US citizenship, then all services will be free (if you ignore the fact that taxes pay to create, maintain, and operate the system). Reality is that private companies pay to create, maintain, and install, and that those systems, as any private property, is entitled to protection as a matter of law. Changing whether or not those systems should be for free or for higher is a political question, not a LE one. In the current scheme of things, LE has an obligation to put all sorts of computer abuse into the hopper with all the other crimes it pays attention to and to give it the priority each given LE agency deems appropriate. .............. Can LE be self improving? Sure, LE is made of people, as is any other organization or industry. Moreover it is one which frequently sees itself as the guardian who is unappreciated and abused while trying to do a thankless job. But, any person or group changes once the need to do so is perceived individually from within or imposed upon from without. No different than the big shake up at IBM. Everyone paying attention saw the collapse coming as their product line became irrelevant. They saw it last, but eventually caught on. But you can bet there were people on the inside of IBM who were crying a lonely voice for years. The same is true for LE. There are voices inside and outside to be listened to. Evolution comes, it always does. It can be far better helped along by friendly approaches than denunciations. +++ END EXTRACTED POSTS +++ Mindvox, a public access system in New York, is accessible via telnet at phantom.com or dialins at (212) 989-4141 (for 300-2400 baud) or (212) 989-1550 for 9600+. Current users wishing to engage in the round-table discussions can go to the discussion forums and join round-table. New users may sign in as "guests" and look around. ------------------------------ Date: Thu, 13 May 1993 08:55:32 EDT From: Roger.Clarke@ANU.EDU.AU Subject: File 3--Crypto-Schemes/Mobile Digital Services in Australia At CFP'93, there was considerable debate about whether cryptographic schemes should be designed to be 'crackable' by national security and law enforcement agencies. The Australian situation is that the licences issued for mobile digital telephone services all require the cryptography to be crackable. Now read on ... The Sydney Morning Herald, Wednesday 28 April, 1993 New digital phones on line despite objections By BERNARD LAGAN and ANNE DAVIES CANBERRA: The Federal government has over-ridden the objections of law enforcement agencies and allowed Telecom and Optus to start new digital mobile phone networks which are so secure that conversations can escape officially authorised telephone bugging. While law enforcement agencies can still intercept calls from mobile phones to an ordinary phone, calls from one digital mobile phone to another cannot be tapped. The Government agreed to waive the bugging requirement, originally a condition of Telecom and Optus's mobile phone network licences, late last week after strong pressure from both carriers to begin their services without providing technology to allow law enforcement agencies to listen into conversations. The changes to the system to allow official bugging will take up to two years to complete and will cost more than $25 million, a cost which the Government has agreed to bear. The Government's waiving of the bugging requirement was made despite strong opposition from law enforcement agencies, who wanted the start of the new digital mobile phone networks delayed until there was technology available to allow conversations conducted on these networks to be intercepted. The law enforcement agencies argued that once criminals and others who had reason to avoid officially authorised interceptions of their telephone conversations became aware of the loopholes in the new system, they would exploit it. The exemption was given by the Minister for Communications, Mr Beddall after talks held last week with the acting Attorney-General, Mr Kerr. It enabled Telecom to launch the country's first digital mobile phone network yesterday. The Federal Government is reticent about the decision to let the new network go ahead. A spokesman would only say that the Attorney-General was "satisfied" with the operational aspects of the new system. A spokesman for Minister for Communications, Mr Beddall, said that "the matter had been resolved", and any further queries should be addressed to Telecom and Optus. General manager of Telecom, MobileNet, Mr John Dearn, refused to confirm or deny that calls made from the new GSM (General System Mobile),mobile phones to other GSM mobile phones could not be intercepted, or that an exemption had been sought from the Government to allow the new GSM service to begin. "We have an agreement with the Department of Communications that we will not discuss the licence conditions," he said. Referring to the fact that most mobile phone calls are to fixed phones attached to the ordinary telephone network, Optus chief operating officer, Mr Ian Boatman said that most calls carried on Optus's GSM network would be interceptable by the security agencies. Optus is understood to have met with the Attorney General last Thursday, and has been given similar exemptions to its licence conditions. A third licensed operator is Vodaphone. Managing director, Mr Phillip Cornish, said: "These are Government and security matters and Vodaphone had no comment". Vodaphone is not likely to begin its service until late this year. The three mobile licensees Telecom MobileNet, Optus and Vodaphone Australia - are 'required by their licences to introduce the new digital mobile system, or GSM, as soon as the standard is available. However it became clear that the formula used to encode the new service, known as the A5 algorithm, was so secure that not even the police or security agencies could listen in. The dilemma for the Government was that having insisted on the the early introduction of GSM, it faced the prospect of substantial delays if it did not waive the licence condition. Because the standard was so secure, nobody anticipated the difficulty of re-coding and re-encrypting the algorithm to give access to law enforcement agencies. The Telecom system, costing in excess of $10O million to establish, covers more than 55 per cent of Australian consumers in Sydney, Melbourne, Canberra, Brisbane, Perth, Adelaide, the Gold Coast, Newcastle, Geelong and the Mornington Peninsula, Victoria. Its high security - compared to the existing 018 mobile telephone network - together with greater clarity is being used by Telecom to attract new customers. Under the 018 radio phone network, people using sophisticated scanners could pick up private conversations. But the digital technology ensures the telephone transmissions are scrambled and cannot be understood by people with scanners. ------------------------------ Date: Fri, 14 May 93 10:10 EDT From: "Gerry Santoro - CAC/PSU 814-863-7896" Subject: File 4--More on Free Speech & Cyberspace Wes Morgan wrote: > Can you >give an example of a free speech forum that does *NOT* have the po- >tential to cause this fear and/or reticence? All free speech forums have this potential, however there are some unique features of CMC/cyberspace that make this especially frightening for some people. In particular, the archival capability of cyberspace makes it possible that any person's posting will be stored and retrieved later for some other use. I've seen some of my students posting in various Usenet NEWS groups opinions that may well (and likely will) change as they get older, yet there is the potential that those postings will resurface at some point and haunt them in job searches, etc. We are already feeling the 'chilling effect' of 'political correctness' on many University/College campuses. As one of those who has steadfastly fought for free speech I hate to see this happen because I view the squelching of opinion as detrimental to education and enlightenment. This issue will surely not go away. The way to change people is to educate them, not to silence them. When one posts in cyberspace they are in effect publishing themselves. They likely do not know who the reader will be or to what use their posting will be put. If one honestly states an opinion that may go against the accepted 'norm' or establishment there is the potential for real harm coming back to that person. As an example, if one were to post in favor of decriminalizing drug use would that brand that person as having an 'unpopular' view? Would the information possibly be used against that person at later times, for example being entered into a law enforcement data base? Could tenure, or a new job, be denied that person partially because of the 'unfortunate' information? Of course that could not be the 'official' reason, but I have seen people denied tenure or promotions for lesser reasons, always couched in 'legal' reasons. The potential for easy retrieval of such a posting raises such fears. Some systems routinely keep track of which Usenet NEWS groups a person reads -- this gives a powerful personal profile and can itself be chilling without any posting involved. Please don't forget that only 40 years ago we had the McCarthy hearings, in which circumstantial evidence of communist affiliation was used to harass people. Many people lost jobs, opportunities, and worse because of this. It can happen here! Can anyone out there truly say that our government is now above reproach and wouldn't do such a thing? Sorry, only 3 years ago the FBI approach our library system wanting information about who checked out certain materials. (The campus newspaper reported that the requests were denied.) The fact is that 'free speech' is an ideal that requires constant protection and legal defense if it is to be realized. Limits have been placed on free speech in cases of 'clear and present danger' (ie, yelling 'Fire' in a theater), or in cases of 'hate crimes' (look at the current situation at U. of Penn for an example). Until the legal system clearly defines and truly protects the right to free and equal expression in cyberspace there will continue to be a 'chilling effect' and the notion of free speech in cyberspace will continue to be a concept and not a reality. Those who exercise this right may well have later regrets. prof. gerry santoro academic computing/speech communication penn state university ------------------------------ Date: Sun, 9 May 93 13:39:23 EDT From: Jerry Leichter Subject: File 5--Gene Spafford's Farewell ((MODERATORS' NOTE: For readers without access to Usenet, Gene Spafford, an associate professor computer science at Purdue University, has been active on the nets for over a decade. His leadership in an informal medium and his willingness to help others made the cybercommunity more civilized. Although his opinions and statements on occasion have provoked strong disagreement and debate, his contributions to the net have strengthened it. The passing of Azandi priests seems an appropriate farewell metaphor, and "THANKS, SPAF!" X-News--zodiac news.announce.newusers:293 From--spaf@cs.purdue.edu Subject--That's all, folks Date--30 Apr 93 00:01:12 GMT Message-ID:<1rpq88INNjlk@ector.cs.purdue.edu> [ I originally was going to post nothing on this topic. I'm burned out, and I don't want my fatigue to appear like I'm posting self-indulgent garbage. However, several people have argued with me, and convinced me that maybe I should make a statement to "end an era," and as a piece of net "history." At the least, even if it is perceived as self-indulgent garbage, it will fit right in with the rest of the net. ] There is a Zen adage about how anything one cannot bear to give up is not owned, but is in fact the owner. What follows relates how I am owned by one less thing.... About a dozen years ago, when I was still a grad student at Georgia Tech, we got our first Usenet connection (to allegra, then being run by Peter Honeyman, I believe). I'd been using a few dial-in BBS systems for a while, so it wasn't a huge transition for me. I quickly got "hooked": I can claim to be someone who once read every newsgroup on Usenet for weeks at a time! After several months, I realized that it was difficult for a newcomer to tell what newsgroups were available and what they covered. I made a pass at putting together some information, combined it with a similar list compiled by another netter, and began posting it for others to use. Eventually, the list was joined by other documents describing net history and information. In April of 1982 (I believe it was -- I saved no record of the year, but I know it was April), I began posting those lists regularly, sometimes weekly, sometimes monthly; the longest break was for 4 months a few years ago when I was recovering from pneumonia and poor personal time management. (Tellingly, only a few people noticed the lack of postings, and almost all the mail was "When will they come out?" rather than "Did something happen?") As time went on, people began to attach far more significance to the posts than I really intended. It was flattering for a very short time, and a burden for most of the rest; there is no telling how much time I have devoted over the last decade to answering questions, editing the postings, and debating the role of newsgroup naming, to cite a few topics. I really tired of being a "semi-definitive" voice. Starting several years ago, at about the time people started pushing for group names designed to offend or annoy others, or with a lack of concern about the possible effects it might have on the net as a whole (e.g., rec.drugs and comp.protocols.tcp-ip.eniac) I began to question why I was doing the postings. I have had a growing sense of futility: people on the net can't possibly find the postings useful, because most of the advice in them is completely ignored. People don't seem to think before posting, they are purposely rude, they blatantly violate copyrights, they crosspost everywhere, use 20 line signature files, and do basically every other thing the postings (and common sense and common courtesy) advise not to. Regularly, there are postings of questions that can be answered by the newusers articles, clearly indicating that they aren't being read. "Sendsys" bombs and forgeries abound. People rail about their "rights" without understanding that every right carries responsibilities that need to be observed too, not least of which is to respect others' rights as you would have them respect your own. Reason, etiquette, accountability, and compromise are strangers in far too many newsgroups these days. I have finally concluded that my view of how things should be is too far out-of-step with the users of the Usenet, and that my efforts are not valued by enough people for me to invest any more of my energy in the process. I am tired of the effort involved, and the meager -- nay, nonexistent -- return on my volunteer efforts. This hasn't happened all at once, but it has happened. Rather than bemoan it, I am acting on it: the set of "periodic postings" posted earlier this week was my last. After 11 years, I'm hanging it up. David Lawrence and Mark Moraes have generously (naively?) agreed to take over the postings, for whatever good they may still do. David will do the checkgroups, and lists of newsgroups and moderators (news.lists), and Mark will handle the other informational postings (news.announce.newusers). I'm not predicting the death of the Usenet -- it will continue without me, with nary a hiccup, and six months from now most users will have forgotten that I did the postings...those few who even know now, that is. That is as it should be, I suspect. Nor am I leaving the Usenet entirely. There are still a half-dozen groups that I read sometimes (a few moderated and comp.* groups), and I will continue to read them. That's about it, though. I've gone from reading all the groups to reading less than ten. Funny, though, the total volume of what I read has stayed almost constant over the years. :-) My sincere thanks to everyone who has ever said a "thank you" or contributed a suggestion for the postings. You few kept me going at this longer than most sane people would consider wise. Please lend your support to Mark and David if you believe their efforts are valuable. Eventually they too will burn out, just as the Usenet has consumed nearly everyone who has made significant contributions to its history, but you can help make their burden seem worthwhile in between. In closing, I'd like to repost my 3 axioms of Usenet. I originally posted these in 1987 and 1988. In my opinion as a semi-pro curmudgeon, I think they've aged well: Axiom #1: "The Usenet is not the real world. The Usenet usually does not even resemble the real world." Corollary #1: "Attempts to change the real world by altering the structure of the Usenet is an attempt to work sympathetic magic -- electronic voodoo." Corollary #2: "Arguing about the significance of newsgroup names and their relation to the way people really think is equivalent to arguing whether it is better to read tea leaves or chicken entrails to divine the future." Axiom #2: "Ability to type on a computer terminal is no guarantee of sanity, intelligence, or common sense." Corollary #3: "An infinite number of monkeys at an infinite number of keyboards could produce something like Usenet." Corollary #4: "They could do a better job of it." Axiom #3: "Sturgeon's Law (90% of everything is crap) applies to Usenet." Corollary #5: "In an unmoderated newsgroup, no one can agree on what constitutes the 10%." Corollary #6: "Nothing guarantees that the 10% isn't crap, too." Which of course ties in to the recent: "Usenet is like a herd of performing elephants with diarrhea -- massive, difficult to redirect, awe-inspiring, entertaining, and a source of mind-boggling amounts of excrement when you least expect it." --spaf (1992) "Don't sweat it -- it's not real life. It's only ones and zeroes." -- spaf (1988?) -- Gene Spafford, COAST Project Director Software Engineering Research Center & Dept. of Computer Sciences Purdue University, W. Lafayette IN 47907-1398 Internet: spaf@cs.purdue.edu phone: (317) 494-7825 ------------------------------ Date: Sun, 9 May 1993 14:08:23 -0700 From: Jim Warren Subject: File 6--UPDATE #3-AB1624 Online Access to Legislation / ACT BY 5/13 [ For newcomers: California Assembly Bill 1624 would mandate that already-computerized public legislative data be publicly accessible by modem (by Bowen-D, Torrance). If the bill fails in any committee, the issue cannot be re-introduced by any Assembly Member until 1995. ] This update provides: 1. Emerging key questions 2. Needed [minimal] citizen action 3. Key legislative contacts KEY QUESTIONS/ISSUES THAT APPEAR TO BE EMERGING Should electronic public access to the California Legislature's computerized public records be left unchanged? The information -- already in computers for internal legislative use -- is available to anyone for 50-cents/kilobyte on magtape in Sacramento. Or, for about ten times more than current citizen/consumer-oriented network services -- for example, $4,200 for 2,880 minutes in a 2-year period -- one can use a private information-distributor that purchases the data and resells online access. One distributor is owned by the politically-powerful Sacramento Bee. Numerous state and local agencies currently pay tens of thousands of tax-dollars to use these private distributors to access public records. Should the Legislature design, build, own, operate and control their own proprietary, public-access computer system and statewide computer network --disconnected from and inaccessible from the numerous nonprofit public networks already used by a million or more Californians at little or no cost? What would be the server-system costs, network costs, operational costs, long-distance communications costs, ability to serve widely-diverse users, controls on access, possibility of monitoring users, etc.? Should the Legislature at-the-least transmit copies of the public records to host-computers on the largest, nonprofit, nonproprietary, extensively-interconnected, cooperative public networks, to be archived among other public files for free copying across the networks? WITHOUT charging for it? Operating expenses would be little more than the cost of a daily local phone call -- so small that it couldn't practically be pro-rated across the several million Californians who make free or low-cost use of those networked computers. A file-server and network hardware would cost $5K-$9K, and could be donated if their $25-million annual computer budget can't cover it. Free sharing of thousands of public files is pervasive and customary among about 1.5-million inter-networked host-computers, including more than 20,000 BBSs that share files via FidoNet and usually offer free access for all. SHOULD the Legislature profit from libraries, local and state agencies, nonprofit groups, researchers, schools, civic groups, California businesses, etc., providing citizens with access to electronic copies of public records? They don't sell printed copies for more than the [partial] cost of printing and distribution, nor charge when a lobbyist or corporation makes many copies of a paper bill. Why should non-landfill copies be more costly? CAN the Legislature make money by charging users of public records? The two best-known information-distributors that appear to focus on the California Legislature's public information appear to be limited in size. A third competitor is rumored to be leaving the online-distribution business. Should The Legislature include the already-computerized state codes (statutes) and Constitution in the information to be made publicly accessible? Currently, they sell the codes and constitution for more than $200,000 on magtape; one sale, so far. For comparison, the US GPO sells the more voluminous federal codes on a CD ROM for $30. NEEDED [MINIMAL] CITIZEN ACTION The crucial Assembly Rules Committee chaired by San Francisco's John Burton is currently expected to hear AB1624 on May 13th at 7:30 a.m. Chairman Burton needs to hear from Californians, and each Committee member needs to hear from constituents in their own Assembly Districts. NOW! 1. *Briefly* express support for AB1624 and state WHY. 2. Request their explicit commitment to support AB1624. 3. Explicitly request an explanation if they decline to commit to it. KEY LEGISLATIVE CONTACTS Please be SURE to send a copy to the bill's sponsor: Hon. Debra Bowen, Assembly Member (D) [Venice/Marina Del Rey area] State Capitol, Room 3126, Sacramento CA 95814, fax/916-327-2201 The Rules Committee members are (in the State Capitol, Sacramento CA 95814): John L. Burton, Chair, Rules Committee (D-San Francisco) [KEY decision-maker] 916-445-8253; fax/916-324-4899; Room 3152 Ross Johnson, (R-Fullerton) 916-445-7448; fax/916-324-6870; Room 3151 Deirdre "Dede" Alpert (D-Coronado) 916-445-2112; fax/916-445-4001; Room 3173 Trice Harvey (R-Bakersfield) 916-445-8498; fax/916-324-4696; Room 4162 Barbara Lee (D-Oakland, Alameda) 916-445-7442; fax/916-327-1941; Room 2179 Richard L. Mountjoy (R-Monrovia) 916-445-7234; fax/818-445-3591?; Room 2175 Willard H. Murray, Jr. (D-Paramount) 916-445-7486; fax/916-447-3079; Room 3091 Patrick Nolan (R-Glendale) 916-445-8364; fax/916-322-4398; Room 4164 Richard Polanco (D-Los Angeles) 916-445-7587; fax/916-324-4657; Room 2188 The original bill-text and other postings on this subject are available from cpsr.org by anonymous ftp, WAIS, Gopher, Veronica and LISTSERV access in /cpsr/state/california, compliments of Al Whaley at Sunnyside Computing, or by request from jwarren@well.sf.ca.us . Timely information about government is prerequisite for a free society. ------------------------------ End of Computer Underground Digest #5.36 ************************************