Escolar Documentos
Profissional Documentos
Cultura Documentos
'Tis my sad duty to report to you-all that three folks, Kevin Poulsen,
Mark Lottor (mkl@sri.com), and Robert Gilligan (gilligan@sun.com) have
been charged by the San Jose US Attorney with nineteen counts (mostly
bogus) of telephone and computer crimes.
Not all the charges are this much hot air, but it really looks to me
like the prosecuters are more interested in writing press releases
than in serving justice.
1 count conspiracy
1 count "possession of access devices", 18 USC 1029(a)(3), (b)(2)
1 count "ownership of a test circuit pack", 18 USC 2512
3 counts giving the phone company a fake SS#
3 counts giving the phone company a fake name
1 count use of calling cards in fake names, 18 USC 1029(a)(2), (b)(2)
1 count use of a testset to intercept a call
1 count intercepting a Pacbell security person's conversation
1 count attempted access to US Army MASNET, 18 USC 1030(a)(3)
1 count "intent to transfer" MASNET access codes, 18 USC 1030(a)(6)
1 count "obtained with intent to convert to his use or gain" Secret
classified orders from a Ft Bragg military exercise, 18 USC 641
2 counts intercepting specific phone calls, 18 USC 2511(1)(a)
1 count "stole a computer printout which was in the custody of
PacBell pursuant to a contract with the FBI and which
contained cable/pair assignments and phone numbers of Ferdinand
Marcos and others who were target of an FBI investigation" 18 USC 641
1 count possession of access-device making equipment (including a
POS terminal for verifying credit card limits!), 18 USC 1029(a)(4),
(b)(3)
I'll find a copy of these laws sometime soon and see how bad they are.
18 USC 1029 and 1030 are new laws and are specifically mentioned in
the "press release". 1029, on "access devices", is being used to
charge these folks with possession of keys; use of calling cards
issued under false names; and possession of a POS terminal and
locksmith tools. Sounds like most modern laws -- broad enough to
charge anybody who they want to "get"...and broad enough to be tacked
on to any other charge to give them more to plea bargain with. And
the ones on use of an incorrect SS# "with intent to deceive"! Last I
heard, it was not illegal to deceive (lie to) private companies about
your SS#, though it is illegal to defraud (cheat) them. Welcome to
New Amerika!
As above; only a court can authorize a wire; would you want it any
other way?
What business does anyone have verifying the credit limits of some
other person lacking some business transaction involving credit? Who
the hell are you -- or anyone -- to verify my credit standing unless
we are transacting business with each other?
>In short, there is little computer crime in here -- mostly the normal
>life of a private person (not giving your name to the phone company,
>not giving out your SS# to people who have no legal need for it),
>mostly the normal life of a private person (not giving your name to the
>phone company, not giving out your SS# to people who have no legal
>need for it.....
Most people do not try to defraud the phone company. Most people do
not give bogus identification to the phone company. Telco will list
(or not) the service under any name desired, within reason. They will
send the bill to any third party. But the person who ultimatly
guarentees the payment *must* be known to telco, like any other
creditor. If these allegations of the government are found to be
factual, then I'd say these fellows have a problem: if they intended
to deal in good faith with telco, their true identities would have
been part of telco's service record.
>not giving out your SS# to people who have no legal need for it.
This is something that has confused many people in the past: do you,
or don't you have to produce an SSN on the request of a merchant? NO,
YOU DO NOT! But....the merchant is NOT obliged to do business with
you on any basis other than CASH. No checks, no credit cards, no open
account -- just cold hard cash, deposit twenty five cents for the
first minute please.....
You don't like those terms, and want to cash your checks, use your
credit or otherwise pay in a more convenient way? Then meet the
creditor's terms. And the federal government says if you decieve the
creditor in *any way*, they have a beef with you.
About 95 percent of the public has no idea how phones work, could care
less how they work (until the CO burns down, the employees go on
strike, or the software gets a bug in it), and do not phreak. Most
people do not know anything more than listen for dial tone, dial the
number, talk and hang up. The defendants here are hardly 'normal
living private persons', if their knowledge of telecom is any
indicator.
Note how casually Mr. Gilmore dismisses this. Instead, substitute the
phrase, 'some possible burglaries; some possible thefts by deception;
possibly some breaking and entering....'
Oh! And, uh, if its not asking too much, WHO authorized the searching
of the apartment? If this is shown to be factual, and if no one can be
found who authorized the 'search', then the 'search' becomes a
burglary...this time of a physical place rather than an electronic
one.
But perhaps I mis-read this. Perhaps the defendants had been invited
by someone to come to their home and search through their possessions.
>I find it quite interesting that they are charging these guys with
>intercepting calls when it's clear that that's exactly what the FBI was
>doing with Ferdinand Marcos's cable pair assignments...
The difference is, the one wire was authorized by a court; the other
one was not. I personally find all wires distasteful -- particularly
those committed by unauthorized persons -- but at least the FBI took
the trouble to do it legally I assume.
And if the FBI did not do it legally? None of us here have virgin ears
and eyes; we all know about the stink at Cincinnatti Bell; the Chicago
Police Red Squad of the 1960's; the marginal legality of some aspects
of the 'war on drugs', etc.... but is the writer saying the current
defendants were no more naughty than the FBI, therefore they should
not be punished if they are found guilty?
Let's quit playing games and pointing fingers. Yes, it is illegal for
anyone to listen to your private conversations except the government,
and then, only by specific court order. Mr. Gilmore seems to be almost
confessing for the defendants now, by his admission that the alleged
acts were illegal. But that isn't what he meant. He meant since it is
okay for the government to break the law, it should be okay for the
defendants to do so also. I think otherwise.
Maybe, but it hardly sounds like the normal life of your average
private person who typically does not carry credit cards with false
names; does not possess a POS terminal unless he is a merchant using
it in his legitimate business; does not have locksmith tools unless he
is a locksmith by trade; and doesn't go around tapping phones,
burglarizing computers and stealing documents.
Isn't that precious..... I'll repeat: quit the game playing and the
role of martyr. If your 'net friends' are found to be guilty, tell
them to quit their belly-aching and take their medicine like a
man-child. A couple years Federal Probation might just hit the spot.
If they follow your line of reasoning, and get too arrogant in court,
that Federal Probation might turn into a couple years in the custody
of the Attorney General or his authorized representative instead.
And if they are not guilty, and all these things the government has
said about them are just damnable lies, by a government 'out to get
them....'
Well then, they can take comfort in the words of Oscar Wilde, who once
said,
Patrick Townson
**This message was NOT intended to express an opinion about the guilt
or innocence of the defendants. Only the court can detirmine the facts.
It was intended to address tbe recent remarks by Mr. Gilmore.**
Re: More Net Friends Charged With Telephone/Computer Crimes (J. Gilmore)
[Moderator's Note: Mr. Gilmore sent this rebuttal several days ago to
my piece which appeared last week. It had to be re-written slightly,
with Mr. Gilmore's approval and assistance due to a couple technical
problems which made it incompatible with Digest software. I am sorry
it isn't as timely as I would have liked; it should have been
distributed several days ago. As he notes in the first paragraph, the
legal issues raised should probably be best continued in misc.legal.
In a Digest later today, a detailed look at Kevin Poulsen. PT]
----------------------------------------------------------------------
Mr. Townson says that it is a crime to misrepresent who you are for
"an extension of credit", including telephone service. I believe this
should be a civil matter, not a criminal one -- and actual harm must
be shown before anyone could be penalized for it. In other words, if
I tell the phone company my name is Joe Blow, and I pay my bill on
time, it's none of their business whether my mama calls me Suzie
Thunder -- and particularly none of the government's business. Why is
the extension of credit different than any other commercial
transaction in this regard?
If a company wants to implement policies about who can and who can't
get credit, it is *their* job to check up on me. It is not the job of
the government to spend tax money to chase me down and prosecute me.
As for extension of credit by Pac Bell... When *I* have gotten band
new service from Pacific Bell, not moved from a previous address in
the same telco (e.g. when moving out of a shared household into my own
house), I had to put up a cash deposit before they would offer me
service. Under those circumstances, is telco "extending me credit"?
I occasionally receive mid-month bills saying "you used your phone a
lot, we want you to pay it now" or "did you make all those calls or
has somebody been charging calls to your number?". These mechanisms
let them cut off service til the bill (or a larger deposit) is paid,
and protect them against fraud. In all cases, when I had had the
phone for a year or two and paid the bills regularly, they refunded
the deposit. E.g. even if I am "Joe Blow" to them, and TRW doesn't
have a dossier on me, I am still creditworthy to them.
> If you misrepresent who you are for the purpose of obtaining an
> extension of credit, you have committed a federal felony.
It's a good thing the government runs the mail system, so it can turn
a simple communications service into one which makes judgements about
the contents of its 'packets'. Happily, Federal Express has a policy
diametrically opposed, e.g. unless the cocaine leaking from your
parcel jams their conveyor belt, it goes through and they ask no
questions and threaten no jail terms. Their job is carriage, not
providing a hook for one more bogus charge to throw at somebody.
> By 'extension of credit' I mean that these gentlemen could have been
> obliged by telco to make a sizeable down payment of earnest money --
> or deposit against future charges -- before service was established.
What if they *did* pay a deposit? That seems to be PacBell policy for
customers with no prior service.
I think that "attempted" access and "conspiracy to" crimes are bogus.
Why should it be illegal for Americans to test the security of the a
US Military network? Should we just believe them if they tell us it
is secure? If it is truly secure, they have nothing to fear from us.
If it is not secure, we the public have a damn strong reason to want
to know. [If we enter and do damage, that is a completely separate
issue. The issue here is the mere attempt to access.]
Also note that there is no apparent tie between the MASNET charges and
the classified orders, which were apparently found in hardcopy form.
Perhaps the guy was in the Air Force and kept some of his old
paperwork?
> > 1 count "stole a computer printout which was in the custody of
> > PacBell pursuant to a contract with the FBI and which
> > contained cable/pair assignments and phone numbers of Ferdinand
> > Marcos and others who were target of an FBI investigation" 18 USC 641
> So now we have another charge of theft.
> What business does anyone have verifying the credit limits of some
> other person lacking some business transaction involving credit? Who
> the hell are you -- or anyone -- to verify my credit standing unless
> we are transacting business with each other?
"If POS terminals are outlawed, only department stores will have POS
terminals" :-)
The indictment mentions only breaking into a network, not into any
military computers, and no theft of information therefrom.
There followed a long flame about normal life being incompatible with
a interest in phone equipment, etc. My comment along these lines was
also misunderstood by another poster. Let me restate and clarify:
me>In short, there is little computer crime in here -- mostly the normal
me>life of a private person (not giving your name to the phone company,
me>not giving out your SS# to people who have no legal need for it),
me>having an interest in phones, some possible phreaking, and some
me>fantasies about innocent stuff they found in searching an apartment.
Please read this as "the normal life of a private person (...), AND
having an interest in phones, AND possible phreaking, AND some
[prosecutor's] fantasies about some innocent stuff the PROSECUTOR
found in searching an apartment".
I think that keeping your life private is not computer crime, nor any
crime. I think having an interest in phones is not computer crime,
nor any crime. I think phreaking (at least tapping phones) is not
computer crime, though it is definitely a crime. I think
prosecutorial fantasies about computer terminals are not computer
crimes, nor any crime.
> if they intended to deal in good faith with telco, their true
> identities would have been part of telco's service record.
> This is something that has confused many people in the past: do you,
> or don't you have to produce an SSN on the request of a merchant? NO,
> YOU DO NOT! But....the merchant is NOT obliged to do business with
> you on any basis other than CASH. No checks, no credit cards, no open
> account -- just cold hard cash, deposit twenty five cents for the
> first minute please.....
> You don't like those terms, and want to cash your checks, use your
> credit or otherwise pay in a more convenient way? Then meet the
> creditor's terms.
All OK by me.
> And the federal government says if you decieve the creditor in
> *any way*, they have a beef with you.
> >I find it quite interesting that they are charging these guys with
> >intercepting calls when it's clear that that's exactly what the FBI was
> >doing with Ferdinand Marcos's cable pair assignments...
> The difference is, the one wire was authorized by a court...
> Let's quit playing games and pointing fingers. Yes, it is illegal for
> anyone to listen to your private conversations except the government,
> and then, only by specific court order.
You clearly don't know current law in this regard. Reread the ECPA.
It does not take a court order to tap your phone these days. A middle
level bureaucrap at the DoJ can legally do it without consulting a
court.
> Mr. Gilmore seems to be almost confessing for the defendants now, by
> his admission that the alleged acts were illegal. But that isn't what
> he meant. He meant since it is okay for the government to break the law,
> it should be okay for the defendants to do so also. I think otherwise.
> ...if the claims by the government are factual, then these fellows
> are hardly model citizens being persecuted by an evil government.
Civil rights only apply to model citizens? That is, model citizens
are permitted to own terminals, but people suspected of other crimes
are not? If someone plants marijuana refuse (or printouts from
telco's trash bin) in Mr. Townson's trash can and calls the cops, will
his computers and telephone memorabilia, his old copies of
confidential "Telephone Test Code Number Directories" that friends had
given him in violation of telco rules, suddenly become illegal 'tools
of crime' too? Will his magazine subscription in the name 'Betty
Crocker', so he can identify who is selling his name to mailing lists,
become mail fraud?
I would take a lot more comfort in suing the government for harassment
and getting the overzealous US Attorney demoted or fired. You get the
government you allow to survive. If you leave petty thugs in there
and go back to reading Wilde, don't complain when thugs run your life.
------------------------------
==================================================
SAN JOSE, Calif. -- When Kevin Poulsen's parents bought him his
first computer, they took his interest in it as a good sign,
particularly because their 16-year-old son had recently dropped out of
high school.
The Poulsens couldn't conceive that letting their son cloister himself
in his room all day tapping away at the keyboard could be bad for him.
"He was on it many hours. He would stay up all night. I didn't really
know what he was up to until the law knocked on our door," said his
father, Lee.
The knock by FBI agents was the first brush with the law for Kevin,
then 17. Now 24, he is charged by federal authorities with one of the
country's most widespread cases of computer and telephone crime.
He was charged last week with two others with commandeering the
nation's phone network, monitoring and taping phone conversations and
breaking into government computers, including military installations.
He is still at large. (See next article in this issue.)
In conversations several days ago with Lee Poulsen and the mother of a
former girlfriend of Kevin Poulsen's, a picture emerged of a brilliant
but emotionally troubled loner motivated by a need for attention and
for finding out information that few people knew.
Additionally, Randol and Lee Poulsen both said that the FBI had asked
for Kevin Poulsen's help in tracking down computer and telephone
criminals. But they said Kevin refused because of loyalty to his
hacker friends.
Poulsen's father said he had last heard from his son three weeks ago
and that he had refused to give him the address for his Los Angeles
apartment.
Like most hackers, Poulsen started out as a phone phreak, one of those
who pirate the national phone network by obtaining phone numbers and
access codes.
It was through this network that in April, 1978, Kevin met Sean
Randol, a quiet, bookish young girl who turned out to live only a mile
from the Poulsens in North Hollywood, said Sean's mother, Annette.
But Sean's refusals just fueled Kevin's obsession. He had his sister,
who worked in the same Los Angeles supermarket as Sean, take pictures
of her at work. And two years ago, he allegedly tapped into the
family's phone lines and taped all their conversations without their
knowledge over a two-week period. Those tapes are part of the
indictments against Poulsen in the case pending.
Sean was not Kevin's only obsession. Ally Sheedy, the actress who
played the hacker's girlfriend in the movie 'War Games' became the
object of phone preaks' and hackers' desire, a kind of underground
idol. With his friends, Kevin got Sheedy's number and address and
stalked her through the phone lines and surveyed her house in the Los
Angeles area, Randol said.
------------------------------
Hello Patrick:
As reported last week the three are all either current or former
employees of Sun Microsystems and SRI International consulting firm.
They were indicted by a federal grand jury on charges of invading or
trying to invade Pacific Bell Telephone and U.S. Army computers.
The Associated Press says Lottor faces five courts and Gilligan
six in the government's 19-count indictment. The prosecutors contend a
scheme existed to steal military secrets and phone numbers from the
FBI investigation of former Philippine President Ferdinand Marcos.
------------------------------