**************************************************************************** >C O M P U T E R U N D E R G R O U N D< >D I G E S T< *** Volume 3, Issue #3.09 (March 19, 1991) ** **************************************************************************** MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet) ARCHIVISTS: Bob Krause / Alex Smith / Bob Kusumoto RESIDENT GAEL: Brendan Kehoe USENET readers can currently receive CuD as alt.society.cu-digest. Back issues are also available on Compuserve (in: DL0 of the IBMBBS sig), PC-EXEC BBS (414-789-4210), and at 1:100/345 for those on FIDOnet. Anonymous ftp sites: (1) ftp.cs.widener.edu (or 192.55.239.132) (back up and running) and (2) cudarch@chsun1.uchicago.edu E-mail server: archive-server@chsun1.uchicago.edu. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted as long as the source is cited. Some authors, however, do copyright their material, and those authors should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to the Computer Underground. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Contributors assume all responsibility for assuring that articles submitted do not violate copyright protections. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CONTENTS THIS ISSUE: File 1: "Hollywood Hacker" or More Media and LE Abuse? File 2: Computer Publication and the First Amendment ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ---------------------------------------------------------------------- ******************************************************************** *** CuD #3.09, File 1 of 2: Hollywood Hacker or Media Hype? *** ******************************************************************** From: Jim Thomas / CuD Subject: "Hollywood Hacker" or More Media and LE Abuse? Date: March 20, 1991 In CuD 3.08 we asked for information on the Hollywood Hacker. Here's what we've learned so far. Stuart Goldman, a freelance investigative reporter, was raided on March 8, 1990, by Secret Service agents and the Los Angeles Police. According to news stories in the Los Angeles Times and elsewhere, Goldman was working on an expose of "sleaze-tv" shows such as Current Affair and Hard Copy, shows for which he had also provided written material. According to the news accounts, Goldman was caught attempting to access Fox computers in New York and Los Angeles containing files relevant to Current Affair. He was charged with the usual litany of allegations (fraud, theft, etc) under Section 502(c)(2) of the California Penal Code. Section 502(c)(2) is sufficiently vague to make any number of acts a felony: s 502 (c) Except as provided in subdivision (h), any person who commits any of the following acts is guilty of a public offense: (1) Knowingly accesses and without permission alters, damages, deletes, destroys, or otherwise uses any data, computer, computer system, or computer network in order to either (A) devise or execute any scheme or artifice to defraud, deceive, or extort, or (B) wrongfully control or obtain money, property, or data. (2) Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network. Conviction carries the following: (d) (1) Any person who violates any of the provisions of paragraph (1), (2), (4), or (5) of subdivision (c) is punishable by a fine not exceeding ten thousand dollars ($10,000), or by imprisonment in the state prison for 16 months, or two or three years, or by both that fine and imprisonment, or by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in the county jail not exceeding one year, or by both that fine and imprisonment. WHAT IS THE CASE ABOUT? Piecing together the various news accounts and info from some of the legal documents we have obtained, the following seems to be the gist of the matter: --Goldman had contributed material both to Fox's Current Affair and Paramount's Hard Copy, two competitors in the "sleaze-tv" school of journalism. --According to various news articles, he was an articulate gadfly, specializing in "expose" pieces for both tv and hardcopy media. He was working on a story about tabloid tv, including the content and practices of Hard Copy and Current Affair when arrested. --As near as can be interpreted from the search affidavit and news accounts, it appears that Goldman possessed access to a computer account at Fox, which he may or may not have had legitimate (or believed he had legitimate) access to. If we are interpreting the public information correctly, it appears that no password was required to access the accounts, only the log-on id. Tracey Miller, of KFI's Live Line in Los Angeles, described Goldman as some one who "had managed to infiltrate the world of tabloid journalism and then got caught up in a sting operation involving Fox Television computers." --The search affidavit indicates that Paul Smirnoff, of Fox tv in New York, noticed attempted logins to the Fox computer in New York used by Current Affair writers. The account had a null password (meaning no password is required to gain access to the system) and the person to whom the account belonged indicated that she had not changed the password "for sometime." Smirnoff directed that a "bait" story be left in the LA computer. Using a phone trap and caller logs, investigators gathered evidence for their allegations against Goldman. On March 8, 1990, local police and Secret Service agents burst into Goldman's apartment. However, unlike other raids, of which we have had second-hand reports, there was an added twist to this one: FOX TELEVISION WAS PRESENT WITH REPORTERS AND CAMERA CREW! HACKING OR MEDIA HYPE? Why was Fox tv present on this raid? The Secret Service has been surprisingly reticent about their procedures to the point of revealing little information in interviews, let alone allowing video tapes to be made. We are repeatedly told that the time and dates of raids are "secret." Yet, not only was Fox present, but they seemed to have full cooperation from the agents present. Is collusion in media events a standard practice between law enforcement and the media? Were other news agencies invited? How does Fox rate? If CuD asked to participate and report on a raid, my guess is that the response would be less than enthusiastic. The video was hyped on Fox on March 8 and shown on the news, teasing the audience with sensationalistic promos and dubbing Goldman "The Hollywood Hacker." In the current climate of media hyperbole and so-called crackdowns, this strikes us has highly prejudicial. The news broadcast of the tape comes across like a segment from "COPS" or a Geraldo Rivera segment. There are the usual teases "Its not military espionage and it's not corporate spying," and the caption "HOLLYWOOD HACKER" graphically frames for the audience how to interpret the events: This is not simply a suspect, it is....THE HOLLYWOOD HACKER. Not "alleged" HH, but the real McCoy! The tape opens with agents outside a door in bullet proof vests with guns drawn, hanging menacingly in a "hacker's might be dangerous so we'd better be ready to blow the suck fuck away" position. Granted, this was not as dramatic as the tapes of the magnum-force beating of a Black LA motorist, but the sources of such violence are more readily understandable when the force of a raid is graphically depicted. One wonders whether Keating, Ollie North, and others more preferentially situated stared down a phallus surrogate when they were arrested. LE agents tell us drawn weapons are standard procedure, because they never know what may lie on the other side of the door. But, in case after case of hacker raids, one wonders how many computerists shot it out with the cops? And, if the situation was so dangerous, one wonders why the tv crowd was allowed to charge in amidst the officers. On the tape, loud voices can be heard yelling: "Open the Door!!!!" several times, and police and camera crowd enter, police with guns drawn, Fox Folk with cameras rolling. Agents are yelling "Hands up!! Against the Wall!" several times. The cameras are panning around and focus on Goldman sitting on a couch, reading the arrest warrant. Goldman's face was not, as it seems to be in shows such as COPS, blocked out, and from all appearances, he could pass for an IBM senior executive in his mid 40s. WHY SHOULD THE CU CARE? As with so many of the so-called hacker raids in the past year, it is neither guilt nor innocence, but the questions raised by procedure that should bother us: 1. The role of the media in inflaming public conceptions of hacking seems, in this case, to exceed even the cynical view of sensationalistic vested interests. The presence of a Fox news team and the subsequent hacker hyperbole for what the indictment suggests is a trivial offense at worst, makes one wonder whether some other motive other than computer access might not have led to the raid. We have seen from the events of 1990 that "victims" of computer intruders tend to grossly over-state losses. Only further inquiry will reveal whether Fox had motives for challenging an investigative journalist doing exposes on the type of tabloid tv they have made popular. It is worth noting that the Secret Service was involved in part because of a claim of a "federal interest computer," but, according to news accounts, they withdrew from the case almost immediately. Given the tenacity with which they have pursued other cases on less evidence (such as Steve Jackson Games, where part of the "evidence" was an employing explaining in a BBS post that Kermit is a 7-bit protocol), one wonders why they apparently ducked this case so quickly? 2. A second issue of relevance for the CU is the definition of "hacker." By no stretch of the imagination can the acts of whoever allegedly accessed the Fox computers be called hacking. From the few legal documents we have obtained and from media accounts, the action seems more akin to a graduate student using the account of another grad student without "official" authorization. We do not defend computer trespass, but we do strongly argue that there must be some distinction between types of trespass and what is done once a trespass occurs. 3. We have not yet contacted Ralph Greer, the apparent attorney of record in this case, so we can only surmise on a few possible issues. We wonder if the case is being treated as a typical criminal case or whether it is recognized that there are issues here that extend far beyond the "normal" crime of "theft," "fraud," and other metaphoric definitions brought to bear on computer cases? We also wonder if, like some others, there is any pressure to "cop a plea" because of the lack of a creative defense that Sheldon Zenner, The EFF and others have introduced in some other cases? Again, for us the concern is not who is or is not guilty in this case, but with the problem of defending against charges that seem far in excess of the act. 4. The matter of defense also raises the issue of California law. Parts of Section 502 and 502.7, as we (and others) have argued previously, see overly vague, excessively punitive, and could make even the most trivial form of trespass a felony. To non-lawyers such as ourselves, it seems that the alleged acts would, in most states, at worst be a misdemeanor and not subject a potential offender to three or more years in prison. 5. We have argued long and loud against the current tactics employed by agents on computer raids. Yes, we recognize that there are standard procedures and we recognize that police do face potential danger in raids. However, to raid an alleged computer offender in the same way that a crack house is raided seems over-kill and dangerous. There are many ways to arrest suspects, and raids, although dramatic, do not seem justified in any single case of which we are aware. The tv tape suggests that, if the suspect made an improper move (especially in the confusion of everybody yelling at once, the suspect perhaps responding to one set of commands and ignoring another, tv camera people in the thick of things), a tragic consequence could have occured. We should all be concerned with the "police state" mentality in such instances. Yes, there may be times when caution and full operative procedures on computer criminals is justified, but suspected hackers are not your typical computer criminals. One wonders what the response will be if a young teenager makes a "furtive gesture" and is blown away. One credible teenager once told us that when he was arrested, the police burst into his room with guns drawn. He was at the keyboard of his computer, and the agent in charge, perhaps to impress her male colleagues, allegedly pointed the gun to his head and said, "Touch that keyboard and die!" 6. The search warrant for Goldman's apartment authorizes seizure of a variety of material that seems--as it has in other cases--far in excess of what could even by a computer illiterate be used for any related offenses. This raises the issue of what constitutes "evidence" in such cases. We have seen from other raids that posters, personal letters unrelated to computers, news clippings, telephones, video tapes, science fiction books, research notes, and other artifacts were taken. Law enforcement agents readily justify this, but when raiding forgers, car thiefs, or even drug dealers, the scope of seized equipment is much narrower. Police, to our knowledge, do not confiscate all the spoons in the house, the matches, or the stove, when arresting suspected junkies. Yet, this is the mentality that seems to guide their seizures of equipment in computer cases. In a recent issue of RISKS Digest, moderator Peter G. Neumann observed "that there is still a significant gap between what it is thought the laws enforce and what computer systems actually enforce." I interpret this to mean simply that the law has not caught up to changing technology, and old, comfortable legal metaphors are inappropriately applied to new, qualitatively different conditions. Calling simple computer trespass (even if files are perused) a heavy-duty felony subjecting the offender to many years in prison does not seem productive. The point seems to be that emerging computer laws are archaic. Neither those who write the laws nor those who implement them have a clear understanding of what is involved or at stake. When mere possession (not use, but possession) of "forbidden knowledge" can be a felony (as it is in California), we must begin to question what the law thinks it's enforcing. Few objected to the enactment of RICO laws, and fewer still to the laws allowing confiscation of property of drug suspects. The attitude seemed to be that harsh measures were justified because of the nature of the problem. Yet, those and similar laws have been expanded and applied to those suspected of computer abuse as we see in the cases of Steve Jackson Games, RIPCO BBS, the "Hollywood Hacker," and others have been raided under questionable circumstances. I'm wondering: What does law think it's enforcing? What is the appropriate metaphor for computer trespass? What distinctions should be made between types of offense? Please remember, nobody is justifying trespass, so continual harangues on its dangers miss the point. I am only suggesting that there is a greater risk from misapplication of law, which--like a virus--has a historical tendency to spread to other areas, than from computer hackers. It's easier to lock out hackers than police with guns and the power of the state behind them, and we have already seen the risks to people that result from over-zealous searches, prosecution, and sentencing. And, at the moment, I suggest that it's law enforcement agents who are the greatest danger to the computer world, not hackers. Why? Because "there is still a significant gap between what it is thought the laws enforce and what computer systems actually enforce." As Edmund Burke once (presumably) said, the true danger is when liberty is nibbled way for expedience and by parts. ******************************************************************** >> END OF THIS FILE << *************************************************************************** Endnotes 1. Phrack, see infra, CCCAN, a Canadian publication, The LEGION OF DOOM TECHNICAL JOURNAL, COMPUTER UNDERGROUND DIGEST AND VIRUS-L DIGEST ARE A FEW OF THE MANY PUBLICATIONS. 2. MacMillan Dictionary of Personal Computing & Communication (1986 ed) defines it as: "A network of computer systems that allow the fast and easy flow of data between the systems and users of the system." Id. at 68. 3. "[A] flat disk with a magnetizable surface layer on which data can be stored by magnetic recording." Id. at 215 4. "A plastic tape having a magnetic surface for storing data in a code of magnetized spots." Webster's NewWorld Dictionary of Computer Terms (1988 3 ed.) at 223. 5. Frenzy over Phrack; First Amendment concerns raised in computer hacker case, Communications Daily, June 29, 1990, at 6. 6. Information from this section was gathered in part from Dorothy Denning's paper The United States vs. Craig Neidorf: A Viewpoint on Electronic Publishing, Constitutional Rights, and Hacking." [hereinafter Denning] and Interview with Craig Neidorf, editor of Phrack (Oct. 16, 1990). 7. The name of the publication was derived from two words, phrack (telecommunication systems) and hack (from computer hacking). Denning. Hacking has been defined as "one who gains unauthorized, use non-fraudulent access to another's computer system." Webster's II New Riverside University Dictionary (1984) at 557. For other definitions, see United States v. Riggs, 739 F. Supp. 414, 423-24 (N.D. Ill. 1990). 8. Mr. Neidorf was indicted after he published a Bell South E911 document which was downloaded from the Bell South computer system in Atlanta, Georgia. Determining if Mr. Neidorf should be punished for publishing such information is beyond the scope of this paper. 9. John Stevens, Shaping the First Amendment: The Development of Free Expression at 27 (1982). [hereinafter Stevens] 10. Id. 11. Edward Hudon, Freedom of Speech and Press in America, 8-9 (1963). 12. Id. at 9. 13. Id. 14. Id. 15. Id. at 10. 16. Id. 17. Id. 18. Id. 19. Id. at 11. 20. Id. 21. Id. 22. Id. 23. Id. 24. Leonard Levy, Freedom of Speech and Press in Early American History: Legacy of Suppression, 14 (1963) [hereinafter Levy] citing Sir William Blackstone, Commentaries on the Laws of England 2:112-113 (1936). 25. Stevens, at 29. 26. Levy, at 21-22, quoting William Waller Hening, The Statutes at Large Being a Collection of All the Laws of Virginia (1619-1792) (Richmond, 1809-1823), 2:517. [emphasis in original] 27. Levy, at 24, quoting "Instructions to Governor Dongan," 1686, in E.B. O'Callaghan and B. Fernow, eds., Documents Relative to the Colonial History of the State of New York 3:375 (Albany, 1856-1887). 28. By 1721, Massachusetts effectively ended censorship by licensing. Levy, at 36. 29. Edward Hudson, Freedom of Speech and Press in America (1963) 19. 30. John D. Stevens, Shaping the First Amendment: The Development of Free Expression (1982), 31. 31. Hudson, at 19. 32. Lovell v. City of Griffen, Ga., 303 U.S. 444, 451-52 (1938) [footnotes omitted]. 33. Patterson v. Colorado, 205 U.S. 454, 462 (1907), quoting Commonwealth v. Blanding, 3 Pick. [Mass.] 304, 313-14. [emphasis in original] 34. U.S. Const. amend. I. 35. Leonard W. Levy, Freedom of Speech and Press in Early American History: Legacy of Suppression (1960), quoting The Debates and Proceedings in the Congress of the United States (Washington, 1834 ff.) I:766, 1st Cong., 1st Sess. 36. "The Protection of the First Amendment, mirrored in the Fourteenth, is not limited to the Blackstonian idea that freedom of the press means only freedom from restraint prior to publication." Chaplinsky v. New Hampshire, 315 U.S. 572, n.3, (1941) citing Near v. Minnesota, 283 U.S. 697 (1931). 37. Lovell v. City of Griffin, Ga. 303 U.S. 444, 452 (1938). 38. "We have no doubt that moving pictures, like newspapers and radio, are included in the press whose freedom is guaranteed by the First Amendment." 334 U.S. 131, 166 (1948). "Expression by means of motion pictures in included within the free speech and speech and free press guaranty of the First and Fourteenth Amendments." Joseph Burstyn, Inc. v. Wilson, 343 U.S. 495, 502 (1952). 39. "The propose directory [of physicians] contains information of interest to people who need physicians. The directory, therefore, is embraced by the term "press" as used in the first amendment." Health Systems Agency of Northern Virginia v. Virginia State Board of Medicine, 424 F. Supp. 267, 272 (E.D. Va. 1976). 40. "A campus newspaper is part of the "press" for the purpose of the First Amendment to the Constitution of the United States." Arrington v. Taylor, 380 F.Supp. 1348, 1365 (M.D.N.C. 1974). 41. Legi-Tech v. Keiper, 766 F.2d 728, 734-35 (2d Cir. 1985). 42. Phrack, volume 1, issue 1, phile 1, reprinted in Computer Underground Digest, volume 2, Issue #2.12, file 1 (November 17, 1990). 43. Id. 44. See, infra, note 35 and text. 45. This is not to say that publication of information in furtherance of a crime or criminal activity should receive the protection of the first amendment. 46. This section has been completed with the help of Spitzer, Seven Dirty Words and Six Other Stories (1986). 47. 341 U.S. 622, 642 (1951), "The First and Fourteenth Amendments have never been treated as absolutes." 48. 283 U.S. 697, 716. 49. Near v. Minnesota, 283 U.S. 697 (1931), New York Times Co. v. Sullivan, 403 U.S. 713 (1971), Minneapolis Star and Tribune Co. v. Minnesota Comm'r of Revenue, 460 U.S. 575 (1983). 50. See, supra, notes 9 through 24 and text. 51. Communications Act of 1934. 47 U.S.C. 301 et. seq. (1988) (Requiring that radio stations and television stations obtain licenses). 52. Red Lion Broadcasting Co. v. F.C.C., 395 U.S. 367 (1969). 53. See, e.g., Evans v. American Federation of Television and Radio Artists, 354 F.Supp 823, 838 (S.D.N.Y. 1973), rev'd on other grounds, 496 F.2d 305 (2nd Cir. 1974), cert. denied, 419 U.S. 1093. ("In editorial comment, the New York Times and the Washington Post may be unreservedly liberal, while the Indianapolis News or the Manchester Union Leader may be unremittingly conservative.") 54. 47 U.S.C. 309(a). Trinity Methodist Church v. Federal Radio Commission, 62 F.2d 850, (D.C. Cir. 1932), cert. denied, 288 U.S. 599 (1933). (holding that if radio broadcasts were not in the public interest, a license could be revoked and not violate the first amendment.) 55. Of course, if a newspaper is not responsive to its readers, it may lose subscribers and either be forced to change or go out of business. However, since in that hypothetical there would be no state action, there would be no first amendment issue. 56. National Broadcasting Co. v. United States, 319 U.S. 190, 226 (1943). The dissenting opinion also followed similar reasoning. "Owing to its physical characteristics radio, unlike the other methods of conveying information, must be regulated and rationed by the government." Id. at 319. 57. Red Lion Broadcasting v. Federal Communication Commission, 395 U.S. 367 (1969), and Federal Communication Commission v. League of Women Voters, 468 U.S. 364 (1984). 58. For the same reason, the fairness doctrine should not be applied to these types of publications. ******************************************************************** ------------------------------ **END OF CuD #3.09** ********************************************************************