Computer underground Digest Sun Apr 12, 1998 Volume 10 : Issue 22 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.22 (Sun, Apr 12, 1998) File 1--Digital wiretapping in the Netherlands File 2--Fwd: Canada Hacker Arrested in NASA Case File 3--US Govt wants to "tag" color printers File 4--E-mail 'Spammer' Settles Lawsuit For $2 Million File 5--Shareware and Persuasion (fwd) File 6--"Web Security: A Step-by-Step Reference Guide", L.D. Stein File 7--Information Trumps Reality (From NETFUTURE #68) File 8--APRIL 16 -- FANTASTIC CPSR/Chicago program (fwd) File 9--Cu Digest Header Info (unchanged since 7 Apr, 1998) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- From: "Maurice Wessling" Date: Tue, 7 Apr 1998 10:51:18 +0000 Subject: File 1--Digital wiretapping in the Netherlands PRESS RELEASE XS4ALL Internet Monday, April 6th 1998 Dutch parliament about to approve tapping paragraph after pressure from Internal Security Agency. A letter from the Internal Security Agency (BVD) to the leaders of the four largest parties in parliament has played a key role in ensuring that in all likelyhood, a majority of dutch parliament will vote to include a controversial paragraph in the new telecommunications law. In an attempt to secure government access to telecommunication between citizens, the new telecommunications law includes a paragraph that, among other things, forces ISPs to make their networks tappable, at their own expense. In the letter, the BVD stresses the need for expansion of its tapping capabilities. The dutch labour party (PvdA), the largest party in The Netherlands, withdrew its objections against the law upon receiving the letter. Internet Service Providers, legal experts, business community representatives, and the dutch government privacy watchdog organization have expressed concern over the extention of tapping capabilities for police and intelligence organizations. The new law places a large financial burden on providers. Furthermore, the necessity to expand the tapping capabilities was not documented or argumented for. XS4ALL, one of the countries largest ISPs has appealed to parliament on several occasions to postpone the tapping paragraph (chapter 13 of the new law) until the minister properly documents the need for such radical changes. Of the large parties, only D'66 will vote for postponing the tapping paragraph Maurice Wessling Public Affairs XS4ALL Internet Amsterdam, Netherlands ------------------------------ Date: Tue, 7 Apr 1998 22:59:58 EDT From: Cu digest Subject: File 2--Fwd: Canada Hacker Arrested in NASA Case Canada Hacker Arrested in NASA Case .c The Associated Press SUDBURY, Ontario (AP) - A 22-year-old man faces dozens of charges in a case involving the cracking of the computer security codes at top aerospace facilities in the United States. The Royal Canadian Mounted Police, which conducted a 14-month investigation, say a hacker broke into the computer systems at the National Aeronautics and Space Administration Center, the National Oceanographic and Atmospheric Association and Hughes STC, an aerospace firm. (The article notes that in one case, $50,000 damage was caused to files and that access was also gained into several private and university computer systems in Canada and the U.S.) Jason Mewhiney, 22, of Val Caron, is charged with mischief by willfully obstructing, interrupting and interfering with the lawful use of data. He is to appear in court May 13. ------------------------------ Date: 06 Apr 1998 15:29:44 -0400 From: Mark Atwood Subject: File 3--US Govt wants to "tag" color printers A recent news article has made me a bit nervous. In Yahoo News in a Reuters article dated Tuesday March 31 2:25 PM EST and titled "Lawmakers Press for Anti-Counterfeit Measures".. The anticounterfeiting officers of the US Fed Govt, along with Rep. Michael Castle, (R-DE), are "concerned" with the increasing use of scanners and color printers to do "small batch" counterfeiting, and want to change the laws a bit. I guess the existing laws are targetedd at the "olddays" of making counterfeit plates, and running off a few million dollars, not some small time operation of making a few thousand in $50 bills. Castle said "previous sentencing guidelines based on total amounts of counterfeit notes seized should not apply". I can understand and support that. BUT, the article goes on to say: "In addition, Castle said, practical and realistic measures to tag scanners and printers must be considered, in order to identify the source of the counterfeit notes." In other words, he wants every color printer to embed some sort of signature into its output, so that the "authorities" can determine where it came from. I remember, back in high school civics, one of the bits of patriotic propaganda that was dispenced to us, was that the USSR required all photocopiers to embed a machine id and page number into its output, so that the "authorites" could control their use as publishing tools. Now the USA wants to do the same thing. ------------------------------ Date: Tue, 31 Mar 1998 01:56:21 -0500 (EST) From: editor@TELECOM-DIGEST.ORG Subject: File 4--E-mail 'Spammer' Settles Lawsuit For $2 Million ((MODERATORS' NOTE: For those not familiar with Pat Townson's TELECOM DIGEST, it's an exceptional resource. From the header of TcD: "TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of public service systems and networks including Compuserve and America On Line. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. Subscriptions are available to qualified organizations and individual readers. Write and tell us how you qualify: * ptownson@massis.lcs.mit.edu * ======" )) ================== Source: TELECOM Digest Tue, 31 Mar 98 - Volume 18 : Issue 48 Date--Mon, 30 Mar 1998 08:42:44 -0500 From--The Old Bear LOS ANGELES (AP) - March 29, 1998 - A company that once sent as many as 25 million unsolicited e-mail ads a day has agreed to pay $2 million to settle a lawsuit aimed at ending the so-called "spamming." Under a consent decree filed in Los Angeles County Superior Court, Cyber Promotions Inc. also must stop sending unsolicited bulk e-mailings to customers of Earthlink Network Inc., {The New York Times} reported Sunday, citing documents that Earthlink released Friday. "The most important benefit of this judgment is the message we've sent to spammers that illegally tap our resources and clog up the Internet with this trash -- we won't stand for it," said Charles Garry Betty, chief executive of the Pasadena-based Earthlink, which provides Internet service to more than 450,000 people. Cyber Promotions, based in Dresher, Pennsylvania, was considered the largest purveyor of unsolicited e-mail ads. A similar injunction against the company was issued last year in a lawsuit filed by America Online, the world's largest online service. Cyber Promotions has been inactive for several months since its own Internet provider refused to continue providing a connection, the Times said. Critics complain that the junk e-mails slow down receipt of genuine messages and invade the privacy of e-mail users. Programmers continually are upgrading computer programs designed to block the unwanted messages. California is one of about a dozen states considering laws to limit unsolicited commercial e-mail. Last week, Washington became the first state to enact such legislation. Congress also is looking into the matter. ------------------------------ Date: Mon, 6 Apr 98 18:56:06 -0700 From: Gordon Meyer Subject: File 5--Shareware and Persuasion (fwd) Shareware and Persuasion Scott J. Kleper Stanford University PO Box 3167 Stanford, CA 94309 USA +1 650 497 1972 klep@cs.stanford.edu ABSTRACT Shareware programs generally achieve less than a 1% rate of registration. Authors have tried to augment their software with various techniques employing a variety of theories of persuasion, for encouraging users to register. This paper attempts to formalize how persuasion is applied to shareware, determine which methods work best, and analyze why. Based on previous studies, it has been shown that crippling a program results in the best returns. I attribute these results to the use of positive reinforcement in crippleware. Keywords shareware, persuasion, Captology. INTRODUCTION As a business model, shareware is a very unique venture. A successful author must not only product good software, but must also convince the user that the software they have obtained for free is worth paying for. While most people are morally responsible and do not intend to steal, they often need an extra push to send in a shareware payment. Quantification of shareware registration habits relative to the techniques of persuasion employed may reveal the effectiveness of the various theories of persuasion as they relate to software. REGISTRATION VEHICLES The three main vehicles for shareware registration-nagscreens, crippleware, and time bombs, apply different techniques of persuasion. Nagscreens A software nagscreen is typically a dialog box that appears for a set amount of time periodically (generally when the application is launched). The purpose is to remind the user that they have not paid for this product and will be forced to wait for the screen to disappear each time they run the program until they pay for it. This relatively simple technique shows several elements of persuasion. Many nagscreens invoke a subtle feeling of guilt within the user, who may have thought that payment was not important. For example, one of my programs declares, "I'm currently a student at Stanford and I can't continue to release cool software unless the Mac community continues to support me." The screen also makes a threat that it will return while providing an incentive (its removal) for the user to pay for the program. This is a form of negative reinforcement. By sending in the registration check, the user is able to remove the unwanted nagscreen. Nagscreens, when implemented properly, can serve as reminders to users. Rick Holzgrafe, Macintosh shareware author, writes that nagscreens "work because so many people really are honest but forgetful."[2] Unfortunately, it is difficult to predict how a user will react to a nagscreen. Nagscreens often invoke reactions that make persuasion more difficult. Users who intend to pay for the product if they like it are annoyed by what they see as a threat. Even worse, users who have sent in their money but have not received feedback from the author yet can become frustrated that this program has no knowledge of their recent purchase. Nagscreens tend to work best with products that users may not even consider paying for (like games) or when the screen provides additional information like the number of hours the program has been in use. A very clever implementation I once saw told the user the number of hours the program had been used as well as the amount of money per hour they would be paying if they registered. Realizing that a program would only cost twelve cents for every minute it had been used appeals to the user's practical side. Crippleware Crippleware is the term given to shareware which has limited functionality but which can be unlocked to provide additional features. Crippleware takes incentive much further than nagscreens. The user is presented with a program that works but told that if she likes it and pays for it, she will get an even better program. By not paying, the user is locked out of certain features. After paying, the user obtains new features that make the program more useful. The main problem with crippleware is that since users aren't able to test the entire program, they often don't even consider registering. As Holzgrafe notes, "If you sell crippleware, be prepared for some battles."[1] One of my most successful products, "HTML Markup," is crippleware. The shareware version is fully-working and contains many features. The registered version, however, adds a few extra goodies which I view as a bonus for people who pay. Some users don't see it this way however. I once received email from an angry user who had downloaded the program and glanced at the documentation. As soon as he saw that he did not have the full version, he sent me a message telling me that he would never pay because shareware is not supposed to be crippled. After I explained that he had a fully-working version and that the registered version was a superset of it, he apologized and eventually paid for the software. Time Bombs Many shareware authors come up with a period of time that they consider reasonable for testing. While most shareware authors give a specific trial period somewhere in their documentation, some authors keep track of the usage so that the program will cease to function after the given amount of time. Such "time bomb" techniques offer little in the way of persuasion except to present the user with a do-or-die choice. If the user wants to continue with the program, she must pay. While time bombs can ensure that nearly all users of a program actually pay for it, they significantly decrease the number of users who actually try the program. Many users feel as though they are being accused of theft before they even run the program once. Knowing that they will have to pay for the product eventually, many users convince themselves not to get used to the product. As Peter Lewis, one of the most successful shareware authors, puts it, "time bombing the program forces the user to make a choice of paying now or never, and they will often choose never when they would have chosen later if you'd left that as an option."[2] OPINIONS Opinions among shareware authors vary greatly regarding which methods are the best. The Association of Shareware Professionals specifically forbids its members from releasing crippled shareware or shareware with nagscreens that interfere with the operation of the program.[3] The ASP will only certify software that complies with these guidelines because they believe that it gives shareware a more professional image. Yet by denying the fact that people need to be persuaded to register, the ASP probably reduces its members' payments and its own membership rates. Many authors who get a taste of how few users of their programs really pay for it are tempted to use time bomb strategies because it is the most effective for preventing illegal use of their software. Others use nagscreens because they are easy to implement and usually do not limit the program in any way. Crippleware is often viewed as a compromise because they limit a program slightly and prevent illegal use of the fully-working version. A STUDY IN SHAREWARE REGISTRATION Shareware author Colin Messitt performed an informal experiment to quantify shareware payment habits. By releasing the same product in two versions-one crippled and one using nagscreens, Messitt was able to keep track of how many registrations he received for each version. The clear winner was the version that employed crippleware techniques, which outsold the other version five-to-one. In this experiment, it appears as though positive reinforcement with incentive won out over negative reinforcement with incentive.[4] I believe that these findings are a result of one unique feature of crippleware-when the user pays for crippleware, they are actually buying something (extra features). With time-bomb shareware, a paying user is put in the position of a thief caught with a television set in his hands. Nagscreens may be ineffective simply because they annoy users. If a user does not have the time to put up with software that nags them, she will not have time to get used to it and see the need to buy it. ANALYSIS In his article entitled "Hookware," Kee Nethery summarizes the best way to get users to pay. "Bug them just enough to get them to pay but not so much that they stop using your software." There is obviously a tradeoff between making users happy and making them pay. My own shareware experiences agree with Messitt's findings. HTML Markup, which is slightly crippled, continues to have strong sales. My latest program, NetBots, has far more downloads and generates far more feedback. The sales are good, but a smaller percentage of the users who download NetBots register it than HTML Markup. I believe this is partially because NetBots just gives a gentle reminder that it is shareware. People are often amazed when I tell them that shareware can make money. Considering that someone could use any of my programs quite happily and legally without paying for them, it is striking that so many people actually do pay. While some people just feel that it is the right thing to do, I think that there is definitely an element of persuasion involved. The success of shareware shows that while many people are honest, a little push using the right techniques can bring that honesty out. ACKNOWLEDGMENTS I would like to offer my thanks to BJ Fogg for introducing me to Captology and to Phil King for relating Captology to shareware. REFERENCES Holzgrafe, Rick. "Successful Shareware." Lewis, Peter. "Writing Shareware for a Living." Association of Shareware Professionals. Messitt, Colin. "Why Do People Register?" ------------------------------ Date: Wed, 8 Apr 1998 07:57:47 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: File 6--"Web Security: A Step-by-Step Reference Guide", Lincoln D. Stei n BKWEBSEC.RVW 980201 "Web Security: A Step-by-Step Reference Guide", Lincoln D. Stein, 1998, 0-201-62489-9, U$29.95 %A Lincoln D. Stein stein@genome.wi.mit.edu %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 1998 %G 0-201-62489-9 %I Addison-Wesley Publishing Co. %O U$29.95 416-447-5101 fax: 416-443-0948 bkexpress@aw.com %P 448 p. %T "Web Security: A Step-by-Step Reference Guide" As it happened, this book came off the stack on a night when I wanted nothing more than to wander off to bed. Despite my sleep deprivation I managed not only to finish the book, but even to enjoy it. Any technical book with security in the title that can hold interest like that has to have something going for it. The book covers all aspects of Web security, as laid out in chapter one: the client or browser concern for privacy and safety of active content, the Web server concern for availability of service and prevention of intrusion, and the concern that both share for confidentiality and fraud. Chapter two provides a brief but accurate overview of cryptography as the backbone of secure systems operating over unsecured channels. (There is only one oddity that I noted, when 512 bit RSA public key encryption was compared in strength with 40 bit RC2 and RC4 systems.) More of the basics like Secure Sockets Layer (SSL) and Secure Electronic Transactions (SET) are described in chapter three, along with various forms of digital cash. Part two looks at client-side security, with further discussions of the use of SSL in chapter four. Chapter five details active content, with particular attention to ActiveX and Java. "Web Privacy," in chapter six, is an excellent and practical guide to the realities and myths about information that can be gleaned from your browsing activities. Included are practical tips about keeping your system from finking on you. (Windows users should note that the files referred to are not always in the paths specified, due to the variety of ways that Windows programs can be installed.) The bulk of the book, as might be expected, deals with server-side security, this being the slightly more complex side of the issue. Chapter seven provides an overview of the various vulnerabilities and loopholes to watch and plug. UNIX and Windows NT servers are dealt with in chapters eight and nine respectively. These chapters don't assume much familiarity with the system security functions of the systems, but do stick primarily to the server specific topics. Access control is a major part of any security setup, and is covered in chapter ten. Encryption and certificates are revisited in chapter eleven, concentrating on use in access control. CGI (Common Gateway Interface) scripting has been a major source of Web security risks, and chapter twelve points out safe, and unsafe, practices in programming scripts. Chapter thirteen discusses remote authoring and administration. Firewalls are often seen as the be-all and end-all of Internet security, and Stein covers the reality in chapter fourteen. Each chapter contains references to both online and printed sources of information, and these resources are all of high quality and useful. As noted, the book is not only readable, but even enjoyable. The writing is clear and accurate, giving the reader both concepts and practical tasks in minimum time with maximum comprehension. Although the bulk of the book is for Webmasters, the casual user can not only read it but get a great deal of value from it. Any ISP that does not have it on their customer support bookshelf should held criminally negligent. copyright Robert M. Slade, 1998 BKWEBSEC.RVW 980201 ------------------------------ Date: Tue, 31 Mar 1998 12:41:54 -0500 From: Stephen Talbott Subject: File 7--Information Trumps Reality (From NETFUTURE #68) Source: NETFUTURE: Technology and Human Responsibility Issue #68 Copyright 1998 Bridge Communications March 31, 1998 Editor: Stephen L. Talbott (stevet@oreilly.com) On the Web: http://www.oreilly.com/people/staff/stevet/netfuture/ You may redistribute this newsletter for noncommercial purposes. Information Trumps Reality -------------------------- You may have seen the story awhile back, but I'll bet you passed over its significance. Look again; what you're seeing in this little scenario is the perfect symbol of the Information Age: A young woman hobbles painfully onto the college basketball court and positions herself by her team's basket. The whistle sounds, a teammate throws her the ball, and -- while the opposing players stand and watch -- she puts the ball through the hoop. Then the young woman hobbles back off the court and the other team shoots a basket, similarly unopposed. With the score now 2-2, the real game begins. But the young woman, whose college career-ending injury had left her one point shy of the scoring record, now has her record. Everyone feels wonderful (with the possible exception of the previous record holder). There you see the mystical power of information. The fact in the database takes precedence over the brilliant, real-life career supposedly being honored. Of course, the career was actually being dishonored. The supporters of the pre-game exercise said, in effect, "The young lady's career lacked its own intrinsic meaning and value. None of us will sufficiently appreciate her without the additional two points in the database, however artificial and disconnected from her achievement they may be." The idea of it all is brutally clear: manipulate a human life so as to produce a bit of stored information, which then becomes the basis for appreciating the life. Information today less and less *derives* from real life; more and more it *defines* real life. The Net, of course, is the primary Kingdom of Information. Many of its current policy debates can be seen as expressions of the following problem: when our "presence" on the Net dissolves (as it tends to do) into decontextualized bits of information, what distortions affect the various recontextualizations that occur? That is, how do our lives get redefined? The data harvester with a product to sell redefines us one way, the bank's loan department assessing our credit data redefines us another way, the politician analyzing survey data with an eye on the upcoming reelection redefines us yet another way, the security cracker looking for an opening, the lonely person looking for a conversation, the haranguer looking for a soap box ... each finds it all too natural to cultivate a reduced image of the human being on the other end of the channel. The same danger certainly occurs off the Net as well. But there is no denying that the more thorough and easy the decontextualization -- and the Net is a veritable engine of decontextualization -- the more difficult it is to remain faithful to the real-life depth of persons and communities in our various reconstructions. Information, fragmented though it be, takes on a life of its own. That is unfortunate, because information is not so much the beginning of understanding as the end of it. Information is the last, abstracted residue of what once was living knowledge. In the case of basketball, it is the reduction to mute number of moves to the hoop that only a poet, physiologist, mechanical engineer, sports analyst, and artist, combining their insights, could capture with any justice. ------------------------------ Date: Thu, 9 Apr 1998 07:55:40 -0500 (CDT) From: Netiva Caftori Subject: File 8--APRIL 16 -- FANTASTIC CPSR/Chicago program (fwd) Date--Wed, 18 Mar 98 18:53:14 CST From--donald goldhamer Subject--APRIL 16 -- FANTASTIC CPSR/Chicago program THURSDAY, APRIL 16 INTERNET GOVERNANCE TWO FANTASTIC SPEAKERS and a HOT DISCUSSION CPSR/Chicago's April program will explore the topic of Internet Governance, which is the major issue for this year chosen by CPSR's National board. FIRST: "One Planet, One Net campaign of CPSR is testing Chicago" -- a report presented by Midwest Regional representative Netiva Caftori. Please come to hear and discuss the principles of socially responsible Internet Governance. (see details below) SECOND: "The Internet and Self-governance for the Generic Top Level Domain Name System" presented by David W. Maher, chair of the Policy Oversight Committee (successor to the International Ad Hoc Committee) that is restructuring the rules for Internet domain names. (see details below) THIRD: We'll discuss the issues, including gTLD restructuring, in the context of the principles of Internet Governance. TIME: 6:00pm to 7:00pm -- eat and chat (bring your dinner or ask us to order) 7:00pm to 9:00pm -- program (we can go even a bit later if necessary) WHERE: 25 E. Pearson Building Loyola University Chicago Room 1467, 14th floor. For more details, contact: Don Goldhamer (cpsr-chicago@cpsr.org, 773-702-7166) or Netiva Caftori (n-caftori@neiu.edu, 773-794-2739) ------------------------------------------------------------------------------ THE ONE PLANET, ONE NET CAMPAIGN OF CPSR CPSR's Board has launched a year-long focus on Internet governance. As a result of an intensive strategic planning process, CPSR is undertaking a broad examination of the issues in standards development, content development and control, and access to the Internet. CPSR will continue our policy advocacy on issues such as proposed changes to the Domain Name System (DNS). We will continue to monitor and defend privacy issues. CPSR was involved in direct government advocacy and testimony in the recent encryption legislation and in the struggle over online ratings systems. We participated at all levels in the Communications Decency Act legislative process and as a co- plaintiff in Reno v. ACLU. CPSR is focusing our main program initiative for the next year to strengthen citizen input in the Internet governance dialogue now dominated by the government and business sectors. As a first step, the Board developed and issued "One Planet, One Net: Principles for the Internet Era." This is an internet-draft document in the IETF publication process. Please skim through those principles if you have the time. They are to be linked from our web page at http://www.cpsr.org Discussion of the draft will be about basic Internet issues -- who owns it? what values will prevail? who will have access? who will decide how it is governed? Participation in the discussion is through the CPSR listserv at onenet-discuss@cpsr.org. We strongly urge CPSR members and others interested in Internet governance issues to join in the discussion. ------------------------------------------------------------------------------ THE INTERNET AND SELF-GOVERNANCE FOR THE GENERIC TOP LEVEL DOMAIN NAME SYSTEM The commercial exploitation of the Internet has created great controversy about the assignment of domain names and related trademark use and infringement issues. This will be a presentation by the chair of the Policy Oversight Committee (successor to the International Ad Hoc Committee) that is restructuring the rules for Internet domain names. The presentation will focus on the task of building a system that accommodates divergent interests and provides a rational basis for worldwide Internet activity. The presentation will also cover intellectual property issues on the Internet. The growth of the Internet has led to increasing numbers of conflicts between trademark owners and users of domain names. The present system is chaotic, with national courts rendering decisions on many disputes in accordance with national law, without regard to the global nature of the Internet. In addition, there is a private U.S. dominated system for resolving disputes in .com, .net and .org. The Policy Oversight Committee, in cooperation with the World Intellectual Property Organization, has developed an administrative system that is designed to apply neutral principles in an efficent and cost-effective manner without interfering with the jurisdiction of national courts. David Maher is the Chair of the Policy Oversight Committee and was appointed to the Committee by the Internet Society. He is a patent lawyer in private practice in Chicago, Illinois, and is a senior partner in the law firm, Sonnenschein, Nath & Rosenthal. A more detailed biography is available from CPSR/Chicago. ------------------------------ Date: Thu, 7 Apr 1998 22:51:01 CST From: CuD Moderators Subject: File 9--Cu Digest Header Info (unchanged since 7 Apr, 1998) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.22 ************************************