Path: utzoo!attcan!uunet!mailrus!accuvax.nwu.edu!nucsrl!telecom-request From: john@bovine.ati.com (John Higdon) Newsgroups: comp.dcom.telecom Subject: Re: PT's Moment of Fame Message-ID: <9995@accuvax.nwu.edu> Date: 22 Jul 90 05:11:48 GMT Sender: news@accuvax.nwu.edu Reply-To: John Higdon Organization: Green Hills and Cows Lines: 96 Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 10, Issue 505, Message 1 of 7 Mark Seiden writes: > You may not be aware that an article by you in Phrack 21, entitled > "Non-Published Numbers" is mentioned in a recitation of the icky and > allegedly felonious stuff Neidorf has been indicted for distributing. Taken out of context, most of what appears in TELECOM Digest is at least as incriminating as the material published in Phrack. Think about it: over the past year alone there have been discussions of 911, telco plant security, billing procedures, unlisted numbers, "infinity transmitters", credit card verification and security, telco account records security, cellular billing and call verification procedures, campus phone systems, police mobile data systems, and much more. Some of the contributors have submitted detailed articles discussing these things. Now that I have seen what a flimsy case exists against Craig Neidorf, my paranoia has reached new heights. Never mind that my book shelves are filled with communication reference books. Never mind that my file cabinets are packed with Pac*Bell technical data. Never mind that my garage is filled with manuals for dozens of PBXes. Never mind that there are Bellcore books under the bed. What's really evil is that "secret and sensitive" material stored in my computer known as Cud, TELECOM Digest, and (probably) the USENET spool. If you think I'm over-reacting, consider Mr. DeArmond's detailed article on how to conduct clandestine surveilance. Or how about Mr. Townson's articles on how to program cellular phones to "get free service"? Just those two examples make the material in the Neidorf case look like a first grade class on how to use the telephone. Notice how just a slight shift in wording can change the entire context? Five minutes with vi and some bozo could make life very miserable for many Digest contributors. Now, for the moment, forget about the chilling effect on all of us die-hard telecom nerds. Consider instead the question: "Why is electronic communications treated in such an unwarranted manner by the government and law enforcement?" If I was inclined to be an auto mechanic, I would be trying to find out all I could about cars. If I was an aspiring banker or financier, I would be hanging around financial institutions, learning all I could about money. If photography turned me on, much of my conscious life would be spent around cameras and photographic equipment, as well as any professionals that would spare me their time. But those interested in computers and telephony are looked upon as sinister beings. Any digging for information is viewed as preparatory to an attack on the system. And heaven forbid that a telecompunerd would actually use the technology related to his interests to learn more more about it. For some reason, information on a computer disk is more sensitive, valuable, dangerous, and proprietary than the exact same information in a dusty book on a library shelf. Why is that? And now for a really scary question: What makes the information in Phrack more "criminal" than the information in the Digest? Wait until the Keystone Kops discovers THIS international ring of telephone hackers. Where are they going to store all the computers they seize that have Digest messages on them? IMHO, the Neidorf case could very well be a major turning point in the future of the freedom of electronic communications. We should all be watching this one very closely. John Higdon | P. O. Box 7648 | +1 408 723 1395 john@bovine.ati.com | San Jose, CA 95150 | M o o ! [Moderator's Note: You say it might well be 'a major turning point in the future of electronic communications', but I don't think it will be quite that dramatic. It may well (I think it already has) be the impetus which forces small electronic publishers to maintain the same (generally) responsible standards in publishing observed by the larger operations, i.e. Compuserve, Dow Jones, etc. You have to take an overview of the entire purpose, scope and production of an electronic publication; the individual articles won't tell the whole story. The name 'Phrack' seems to be a combination of the two words 'phreak' and 'hack', two words with a derogatory inference even to many of the people who use them to describe themselves. It is almost as though it was being stuck up under the government's nose with the attitude 'see if you can stop us'. And how do you address security flaws in telecom systems without at the same time giving hints to the no-goods who would abuse the system? You can't, so the question becomes one of intent: are the articles mainly there to educate the no-goods under the guise of 'improving security'? You do not need to print actual code numbers and complete descriptions of successful attacks to alert the security concious to the problem. You did not see any in-depth information about *which* phone numbers were exempt from serial checking in the cell phone articles, nor will you see that sort of detail here. Another thing that annoys the government and the telcos is the constant (and I think sick) swapping out of /f/ with /ph/ on words out of some misplaced reverence to the telephone network. This is a whole topic in itself: the swapping of /f/ and /ph/ to make some point to readers could be discussed in detail. PT]