HOPE ON THE ELECTRONIC FRONTIER
by Chris Birch
Copyright (c) 1991 Apple Users' Group, Sydney
Republished from Applecations, a publication of the Apple Users' Group, Sydney, Australia.


"a two-year Secret Service investigation which involved 150 federal agents, numerous local and state law enforcement agencies and the combined security resources of PacBell, AT&T, Bellcore, Bell South MCI, US Sprint, Mid-American, Southwestern Bell, NYNEX, US West and American Express"
A platoon of secret service men assemble. 24th January, 1990. It's time to crush the insidious Legion of Doom once and for all. With guns drawn they pounce. Arrested: Acid Phreak, Phiber Optic and Scorpion. Their names connote a chilling personae. Their crime of over a billion dollars in damage to the US economy is equally chilling.
The raids and arrests continue, culminating on the 8th May, 1990 with the seizing of 27 search warrants in 14 American cities. Seized: 40 computers, 23,000 disks, bulletin boards and consumer electronics. A single mother and computer consultant has her door broken in with sledge hammers and her computer equipment confiscated at gun point. A man wakes at 6:00am with a gun at his nose, his wife in a choke hold, a dozen gun toting spooks prowling around and his sleeping 14 year old son about to be menaced.

INTERMISSION
The legal system is attempting to come to terms with computer related events. The laws were largely framed in the pre-computer age. Operation Sun Devil was an attempt to define the actions of certain individuals within the framework of the legal system and to prosecute them accordingly.
Copyright is a known problem area. Although the actions described here possibly involve copyright considerations, they are less well known. Hacking refers to attempts to gain so-called unauthorised access to a computer via a telephone line. Operation Sun Devil wanted to stamp out this practice.
Very few people actually hack. Even fewer succeed in logging in to an "unauthorised" computer system. The only hacking I'm aware of is its original form of bare metal or machine code programming and altering of memory resident programs and system software of a microcomputer in order to get the software to behave in a different way. There are fewer material and psychological rewards to be obtained from hacking than with other ways of using a computer. An intelligent person who is capable of hacking is more likely to use that ability in a productive and satisfying way.
A larger number of people talk about hacking. They talk about what a certain system is, almost as though they had actually logged in. The truth is all main frame computers operate under proprietary system software such as CICS, TSO/E and NetMaster. If you have ever used, seen or discussed one of these packages then chances are that navigation at an installed site will be a trivial exercise if they use the same software.
Rarely will the discussion have any substance such as locations of restricted system data or current logon ID's and passwords. You may hear about a visitor's logon ID with restricted privileges or some sketchy details on how to possibly invoke the built-in help facility. This is a reflection on the nature of the hacking game. It is just that.

The boarded up house down the road is a beacon for youthful bravado and exploration. It might even be haunted. Let's meet after school and see if we can break in. Look, the side door is open. To mark the achievement a club is formed. Let's call it the Legion of Doom with membership open to anyone who wants to play our game.
So, the Legion of Doom is born. As the name implies, the membership is constituted of wise warriors who receive unquestioned respect from others. In truth, they are teenagers or in their early twenties and unable to yet command adult-like respect in a world they are growing towards yet young enough to make a game of.
Amongst their peers they are intemperate, boastful and hostile. Their code of conduct is illdefined but implicitly understood. Each player has a certain standing in terms of the power game or peer status and is judged upon stunts done or, more precisely, talked about. The game board is the unaccommodating adult ruled world so to protect their integrity they are necessarily secretive and showy in defence. Dad says we shouldn't come here. Yeah, mum says the place is haunted. OK, let's not tell. Thus the Legion of Doom is not the Guild of Pansies, Scorpion has a savage sting and Acid Phreak is capable of wreaking havoc. Nobody understands Phiber Optics.
For most adults, networks are a new frontier. The horizon and the players are unfolding at a pace beyond immediate comprehension. Here then is another challenge. The law makers have the task of patrolling a frontier they have never encountered with participants who know more than them. In a society where computer illiterate adults unquestionably rule, the notion of network users forming their own laws and administering them is so heretical this author will not address it.
So what's a well meaning spook to do when they don't understand the threat posed by the Doomsters or the computer technology and when the legal system that provides their guidance can offer only indirection? When fighting blind from a position of weakness you should lash out with maximum force. Hence the apparent overkill.
"If I were trying to terminate the operations of a witch coven, I'd probably seize everything in sight. How would I tell the ordinary household brooms from the getaway vehicles?"
In the US the question of human rights is very important. They are enshrined in the US constitution and many organisations exist solely to defend these rights. The
confiscation of every electrical device, telephone and related files (printed and disk) and the failure to lay charges against Acid Phreak, Phiber Optic and Scorpion brings into question an individual's constitutional rights. Some individuals, like the above mentioned mother, had the means of their livelihoods damaged by the confiscations.
Although important, questions regarding the objectives of the players and their resulting behaviour are not the fundamental issue. The bottom line is the inadequacy of the legal system. Theft and trespass cannot be easily translated to the data communications environment. The penalties extracted  and decisions made will be inappropriate if such a translation is attempted.
"Hackers had the ability to access and review the files of hospital patients. Furthermore, they could have added, deleted, or altered vital patient information, possibly causing life-threatening situations."
Do we then outlaw hacking altogether, along with hand guns, alcoholic beverages, cars and air conditioning because they can kill when misapplied? Should hacking be considered with these? It is curious that the law is more concerned with defending the material tenets of property while the media has concentrated on sociological considerations.
The legal system is adjusting by including the computer communications environment in the scope of the traditional meanings of theft and trespass. This is wrong. We should instead reconsider the nature of computer theft and trespass afresh. No amount of legal competence can make up for computer illiteracy.
"Is transmission through an otherwise unused data channel really theft? Is the trackless passage of a mind through TRW's mainframe the same as the passage of a pickup through my [property]?...How does one treat property which has no physical form and can be infinitely reproduced? Is the computer the same as a printing press?..."
There are important philosophical considerations here. A failure to address these issues prior to the formulation of computer laws will result in a flawed legal system. It follows that without these considerations being addressed we will not be able to resolve the legal questions in the existing legal framework anyway. This is because we do not understand (cannot accurately define) the legal questions.
In Australia the Sun Devil has thankfully passed us by but the issues are just as relevant here. We so often take the lead from the US in commerce and politics and now more than ever we should assert our voice if we are to avoid a visit from the Sun Devil in our sunburnt land.
All of this takes time. It requires the involvement and cooperation of all interested parties. Perhaps if we had commenced such a dialog in the early days of the microcomputer revolution then we would have resolved the copyright and reverse engineering issues by now.
Atlanta, 16th November, 1990. Adam E. Grant, 23 (aka The Urville and Necron 99) pleads guilty to conspiracy to commit
computer fraud, wire fraud, access code fraud, possession of long-distance telephone access codes with the intent to defraud and interstate transportation of stolen property worth more than $5000. 14 months including 7 months in a halfway house and US$233,000 in fines. Franklen E. Darden, 24 (aka The Leftist) and Robert E. Riggs, 22 (aka The Prophet) were similarly charged. Riggs received an additional 7 months because he pleaded guilty to stealing a Bell South document and uploading it to a bulletin board.
They received lighter sentences for helping with investigations into other Doomsters. They each faced the possibility of 40 years and $2 million in fines. A fourth player, known as Knight Lightning, was arrested on the 15th February 1990, 8 days after the above trio. He was charged similarly to The Prophet although the final sentencing is not known.
The Bell South document is crucial to understanding these events. During 1988 The Prophet hacked into a Bell South computer. There were no dingos to shoot and string up on the homestead fence. No kangaroos to feed to the blueys. Snaring a trophy was as simple as copying a 3 page document titled "A Bell South Standard Practice (BSP) 660-225-104SV- Control Office Administration of Enhanced 911 Services for Special Services and Major Account Centres, March, 1988".
Oops, bad choice Robert. Did you know that "911" is the emergency services number (like our "000") so if people got nasty then this document might be a bit sensitive or in bad taste? And did you know that this literary masterpiece is worth US$79,449? Let me quote an extract and you'll soon see why:
"In accordance with the basic SSC/MAC strategy for provisioning, the SSC/MAC will be Overall Control Office (OCO) for all Notes to PSAP circuits (official services) and any other services for this customer. Training must be scheduled for all SSC/MAC involved personnel during the pre-service stage of the project".
Lucky for you, Bob, the document didn't include any company secrets or computer passwords or management scuttle butt or it may have been worth a lot more. Each page was worth about $34-$35K at current exchange rates. That's 3 "man years" work for a highly paid clerk. It's refreshing to know company standards and procedures manuals are the same the world over. They all have this unique capability of being doubly translated into dutch without anyone noticing the difference.
The US legal system is attempting to prosecute people according to their intent. The Prophet's attention getting stunt has been described as a "deliberate, vicious attack with the intent to do harm". For the reasons outlined earlier the legal system is incapable of adequately determining "intent".
If The Prophet and his three friends had evil intent then their motive is not apparent. They were not disgruntled former employees for instance. Perhaps they had just
received their telephone bill. If you consider intent from the perspective of Bell South then The Prophet's intentions were evil because Bell South defined such actions as evil. The Prophet and his associates pleaded guilty so it is difficult to say from what perspective the legal system would define evil intent.
The Doomsters were interested in hacking. There are other activities unique to the computer age such as cracking and phreaking. Cracking is the art of altering software so as to remove copy protection. Phreaking is the art of altering the behaviour of the telephone system.
Cracking is the most wide spread of the three. With the complexity of today's computer system software it is an unpracticed artform but it was prevalent during the early Apple ][ era. There is no one cracking technique but the procedures and options are all well known amongst many Apple II experts. Often the entire disk image needs to be reverse engineered with special hardware to freeze the computer as the application is loading. Self modifying code makes the disassembly procedure difficult although not impossible. Cracking a disk could take hours or weeks, depending upon the complexity of the disk and the available tools.
Phreaking is not practised here in Australia but the US telephone system, with its multitude of utility companies and protocols was conducive to attempts to work around the long distance billing and accessing procedures. "Blue boxes" and contraptions of other colours would emit a variety of tones at the press of a button and these tones (not normally able to be emitted from a pay phone) would trigger an exchange to alter its routing, allow certain privileges, etc. Occasionally, special telephone numbers or credit card numbers would be required.
Can you imagine the sense of adventure as an enthusiastic electronics hobbyist on the west coast of America blue boxes to a friend on the east coast for the price of a local call. Or the delight of a machine code cracker who discovers the use for a certain byte in the main processor unit's zero page. It would seem there are many ways to explore a haunted house in the land of computer electronics and many ways to have intellectually stimulating fun.
John Draper (aka Cap'n Crunch) is the best known of all phreakers. He rigged up an Apple ][ computer, affectionately known as Charlie, to rapidly dial 800 ("toll free") numbers and then dial four tones in search of what was then known as an "extender". This extender would then allow free calls to anywhere. If the 800 number had an extender then the code was one of 9,999 possibilities. His "blue boxes" could be used from pay phones and the Apple ][ lore says these were responsible for getting Steve Wozniak and Steve Jobs into electronics. There's even a photo of Steve Wozniak with a blue box in John Sculley's "Odyssey" biography (plate 15).
It would seem the media in Australia has only just discovered the 800 tool-free system in Australia is open to unmerciless abuse by misguided home computer phreakers. That
no instances of such abuse have occurred even though the means to do so have existed in Australia for almost a decade is of no relevance.
Unfortunately for Knight Lightning, he ran an electronic magazine called "Phrack" - an amalgam of hack and phreak and he published The Prophet's hacking trophy. Fortunately for him he did not figure a way to combine the unholy troika of computing.
We can all act as judge and jury by considering the many complex and untried questions on an intuitive basis. For good reason the law does not work like this, largely because our perspective is often obscured or influenced by other parties such as a sensationalising media. We also need training to fathom the depths of fact, fiction and irrelevance.
The trial by media of Lindy Chamberlain was very unfortunate. That a case was put forward for the Doomsters being hard done by could be thought of in a similar light, although this would mean the point of this article was missed. To conclude that a miscarriage of justice occurred would also be wrong. We can only assume the central players behaved appropriately within the present legal framework. It is the present legal framework which I am questioning.
Until such time as the legal and computer worlds unite in harmony then organisations such as the Computer Professionals for Social Responsibility will flourish. Operation Sun Devil spurned the Electronic Frontiers Foundation. It was founded by John Perry Barlow, a writer for the Whole Earth Review and whose article "Crime and Puzzlement" is extensively quoted here and Mitch Kapor, founder of Lotus. Steve Wozniak has promised to match Kapor in funding.
"The Electronic Frontiers Foundation will fund, conduct, and support legal efforts to demonstrate that the Secret Service has exercised prior restraint on publications, limited free speech, conducted improper seizure of equipment and data, used undue force, and generally conducted itself in a fashion which is arbitrary, oppressive, and unconstitutional".
It is sad that such organisations are necessary. It is as though society has failed. The computer literate are now trying to force their way into the reckoning of new social and legal mores so they may participate. So far the law makers have stumbled on alone, spooked by the apparent wilderness of the intangible electronic frontier, unable to find their way forward to a forever advancing front line and frightened to ask directions from the players for fear they may have to change.
"Those who are comfortable with these disorienting changes must do everything in our power to convey that comfort to others. In other words, we must share our sense of hope and opportunity".

Credits: All of the above quotes are from "Crime and Puzzlement" by John Perry Barlow, Whole Earth Review p44(14), Fall, 1990. An electronic version of this article is on the Apple II AUG BBS.

See also "Computerworld", US Edition, 26th November 1990, p1 and p99 and the "Sydney Morning Herald", p9, 18th July, 1985 and recent Tuesday's "Australian".

THIS CONTENT COPYRIGHT © 2007, APPLE MACINTOSH USERS' GROUP, SYDNEY
Permission has been obtained to make this material available on the Internet.

Permission is hereby granted for non-profit user groups to republish this content.
PLEASE CREDIT THE AUTHOR AND THE SOURCE: Applecations, publication of the Apple Users' Group, Sydney, Australia

THIS PAGE COPYRIGHT © 2007, ANDREW ROUGHAN