Computer underground Digest Wed Oct 26, 1994 Volume 6 : Issue 93 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Retiring Shadow Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Mini-biscuit editor: Guy Demau Passant CONTENTS, #6.93 (Wed, Oct 26, 1994) File 1--Government Gopher Sites File 2--(fwd) South African Consitution and computer privacy (fwd) File 3--The Online Future (Review) File 4--OTA Report on Information Security and Privacy released File 5--Cu Digest Header Information (unchanged since 23 Oct 1994) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. ---------------------------------------------------------------------- Date: Wed, 26 Oct 1994 19:32:43 CDT From: CuD Moderators Subject: File 1--Government Gopher Sites ((MODERATORS' NOTE: We're periodically asked for the location of good gopher sites for government and other information. Here is a list of major government gopher sites. University gopher sites can sometimes be discovered just by typing gopher.(university.address). For example, gopher gopher.niu.edu gopher niu.edu is a hit-and-miss approach, but with a few minutes experimentation, you'll likely come across some fascinating archives. The header from the following post was eaten when it arrived. Thanks to the poster for sending over the following list of government gopher sites. We should also add a few of our own favorites: The American Civil Liberties Union host=aclu.org Univ. of Minnesota gopher (the gopher of all gophers) host=tc.umn.edu Internet Spies/WIRETAP - crammed full of books and texts host=wiretap.spies.com And, we can't forget our own NIU sociology gopher, just constructed and growing-- At the opening menu, move to Academic depts / Liberal Arts / Sociology and check out the CRIMINOLOGY area. It's still under construction, so if you see something that's not there that would be helpful, let us know. It also hosts the Society for the Study of Symbolic Interaction gopher site)). NIU Sociology gopher host=gopher.corn.cso.niu.edu ============================ NAME AND HOST name=extension service, usda host=esusda.gov name=u.s. dept agriculture food and nutrition information center host=ra.esusda.gov name=national trade data bank host=gopher.stat-usa.gov name=u.s. dept transportation host=gopher.dot.gov name=u.s. dept agriculture extension service host=esusda.gov name=national center for research on evaluation, standards host=gopher.cse.ucla.edu name=library of congress marvel information system host=marvel.loc.gov name=protein data bank - brookhaven national lab host=pdb.pdb.bnl.gov name=u.s. dept agriculture national agricultural library plant genome host=probe.nalusda.gov name=u.s. dept agriculture ars grin national genetic resources program host=gopher.ars-grin.gov name=federal info exchange (fedix) host=fedix.fie.com name=lanl physics information service host=mentor.lanl.gov name=nasa goddard space flight center host=gopher.gsfc.nasa.gov name=nasa network application and information center (naic) host=naic.nasa.gov name=national institute of standards and technology (nist) host=gopher-server.nist.gov name=national institutes of health (nih) host=gopher.nih.gov name=national science foundation (stis) host=stis.nsf.gov name=oak ridge national laboratory esd gopher host=gopher.esd.ornl.gov name=national institute of allergy and infectious disease (niaid) host=gopher.niaid.nih.gov name=national institute of mental health (nimh) gopher host=gopher.nimh.nih.gov name=national science foundation center for biological timing host=minerva.acc.virginia.edu name=national cancer institute host=gopher.nih.gov name=los alamos national laboratory host=gopher.lanl.gov name=lanl advanced computing laboratory host=gopher.acl.lanl.gov name=lanl nonlinear science information service host=xyz.lanl.gov name=u.s. military academy gopher host=euler.math.usma.edu name=national center for atmospheric research (ncar) gopher host=gopher.ucar.edu name=national center for biotechnology information (ncbi) gopher host=ncbi.nlm.nih.gov name=nasa langley research center host=gopher.larc.nasa.gov name=nasa shuttle small payloads information host=sspp.gsfc.nasa.gov name=askeric - (educational resources information center) host=ericir.syr.edu name=national center for supercomputing applications host=gopher.ncsa.uiuc.edu name=u.s. geological survey (usgs) host=info.er.usgs.gov name=nasa center for aerospace information host=gopher.sti.nasa.gov name=nasa lewis research center (lerc) host=gopher.lerc.nasa.gov name=u.s. geological survey atlantic marine geology host=bramble.er.usgs.gov name=aves: bird related information host=vitruvius.cecer.army.mil name=nist computer security host=csrc.ncsl.nist.gov name=naval research laboratory host=ra.nrl.navy.mil name=naval research laboratory central computing facility host=ccfsun.nrl.navy.mil name=nasa high energy astrophysics science archive research center host=heasarc.gsfc.nasa.gov name=u.s. national information service for earthquake engineering host=nisee.ce.berkeley.edu name=lternet (long-term ecological research network) host=lternet.washington.edu name=u.s. dept energy office of nuclear safety host=gopher.ns.doe.gov name=national library of medicine host=gopher.nlm.nih.gov name=lanl gopher gateway host=gopher.lanl.gov name=lanl t-2 nuclear information service gopher host=t2.lanl.gov name=u.s. dept education host=gopher.ed.gov name=u.s. dept energy host=vm1.hqadmin.doe.gov name=national coordination office for high performance computing and communications host=gopher.hpcc.gov name=environment, safety & health (usde) gopher host=dewey.tis.inel.gov name=u.s. dept energy environment, safety & health gopher host=dewey.tis.inel.gov name=naval ocean system center (nrad) gopher host=gopher.nosc.mil name=u.s. environmental protection agency great lakes national program office gopher host=glnpogis2.r05.epa.gov name=environmental protection agency great lakes national program office gopher host=glnpogis2.r05.epaa.gov name=u.s. environmental protection agency futures group host=futures.wic.epa.gov name=environmental protection agency futures group host=futures.wic.epa.gov name=u.s. navy naval ocean system center nrad gopher host=gopher.nosc.mil name=national institute of environmental health sciences (niehs) gopher host=gopher.niehs.nih.gov name=arkansas-red river forecast center (noaa) host=gopherpc.abrfc.noaa.gov name=national geophysical data center (noaa) host=gopher.ngdc.noaa.gov name=nasa office of life and microgravity sciences and applications host=gopher.olmsa.hq.nasa.gov name=noaa environmental services gopher host=esdim1.nodc.noaa.gov name= federal government information (via library of congress) host=marvel.loc.gov name=comprehensive epidemiological data resource (cedr) gopher host=cedr.lbl.gov name=lawrence berkeley laboratory (lbl) host=gopher.lbl.gov name=national oceanographic data center (nodc) gopher host=ariel.nodc.noaa.gov name=esnet information services gopher host=gopher.es.net name=cyfernet usda children youth family education research network host=cyfer.esusda.gov name=americans communicating electronically host=ace.esusda.gov name=u.s. dept agriculture children youth family education research network host=cyfer.esusda.gov name=oak ridge national laboratory center for computational sciences host=gopher.ccs.ornl.gov name=nasa k-12 nren gopher host=quest.arc.nasa.gov name=national agricultural library genome gopher host=probe.nalusda.gov name=eric clearinghouse on assessment and evaluation host=vmsgopher.cua.edu name=u.s. dept commerce economic conversion information exchange host=cher.eda.doc.gov name=u.s. dept commerce economics and statistics administration host=gopher.stat-usa.gov name=national center for education statistics host=gopher.ed.gov name=u.s. dept agriculture economics and statistics host=usda.mannlib.cornell.edu name=u.s. environmental protection agency host=gopher.epa.gov name=environmental protection agency host=gopher.epa.gov name=national library of medicine toxnet gopher host=tox.nlm.nih.gov name=nasa minority university space interdisciplinary network host=muspin.gsfc.nasa.gov name=stis (science and technology information system-nsf) host=stis.nsf.gov name=national toxicology program (ntp) niehs-nih host=gopher.niehs.nih.gov name=u.s. dept commerce information infrastructure task force host=iitf.doc.gov name=co-operative human linkage center (chlc) gopher host=gopher.chlc.org name=smithsonian institution natural history gopher host=nmnhgoph.si.edu name= politics and government host=peg.cwis.uci.edu name=voice of america (radio) host=gopher.voa.gov name=federal register - sample access host=gopher.counterpoint.com name=u.s. senate gopher host=gopher.senate.gov name=u.s. bureau of mines gopher host=gopher.usbm.gov name=legi-slate gopher service (via umn)/ host=mudhoney.micro.umn.edu name=nasa laboratory for terrestrial physics gopher host=ltpsun.gsfc.nasa.gov name=noaa national oceanographic data center (nodc) gopher host=ariel.nodc.noaa.gov name=noaa national geophysical data center (ngdc) host=gopher.ngdc.noaa.gov name=u.s. bureau of the census gopher host=gopher.census.gov name=eric clearinghouse for science, math, environmental (osu) host=gopher.ericse.ohio-state.edu name=\peg, a peripatetic, eclectic gopher host=peg.cwis.uci.edu name=u.s. house of representatives gopher host=gopher.house.gov name=information infrastructure task force (doc) gopher host=iitf.doc.gov name=federal communications commission gopher host=ftp.fcc.gov name=defense technical information center public gopher host=asc.dtic.dla.mil name=national archives gopher host=gopher.nara.gov name=nasa center for computational sciences host=nccsinfo.gsfc.nasa.gov name=u.s. agency for international development gopher host=gopher.info.usaid.gov name=graingenes (usda) gopher host=probe.nalusda.gov name=federal reserve board (via town.hall.org) host=town.hall.org name=federal networking council advisory committee host=fncac.fnc.gov name=federal deposit insurance corporation gopher (via sura.net) host=fdic.sura.net name=national telecommunication and information administration (ntis) gopher host=gopher.ntia.doc.gov name=national institute of standards and technology gopher host=zserve.nist.gov name=securities and exchange commission "edgar" gopher host=town.hall.org name=u.s. securities and exchange commission "edgar" gopher host=town.hall.org name=u.s. patent and trademark office information (via town.hall.org) host=town.hall.org name=public broadcasting service (pbs) gopher host=gopher.pbs.org name=u.s. dept justice gopher host=gopher.usdoj.gov name=fedworld (ntis) - 100+ electronic government bulletin boards host=peg.cwis.uci.edu name=ntis fedworld - 100+ electronic government bulletin boards host=peg.cwis.uci.edu name=national renewable energy laboratory host=gopher.nrel.gov name=catalog of federal domestic assistance host=peg.cwis.uci.edu name=social security administration host=oss968.ssa.gov name=national center for toxicological research host=gopher.nctr.fda.gov name=national heart, lung, and blood institute (nhlbi) gopher host=gopher.nhlbi.nih.gov name=noaa online data and information systems host=esdim1.esdim.noaa.gov name=eric clearinghouses (via syracuse) host=ericir.syr.edu name=internic: internet network information center gopher host=is.internic.net name=nasa information sources telnet (compiled by msu) host=burrow.cl.msu.edu name=nasa space mechanisms information gopher host=altemird.jsc.nasa.gov name=financenet (national performance review) host=gopher.financenet.gov name=u.s. dept health and human services host=gopher.os.dhhs.gov name=u.s. consumer product safety commission gopher host=cpsc.gov name=consumer product safety commission gopher host=cpsc.gov name=defense nuclear facilities safety board host=gopher.dnfsb.gov name=national agricultural library host=gopher.nalusda.gov name=small business administration host=www.sbaonline.sba.gov name=nasa marshall space flight center spacelink host=spacelink.msfc.nasa.gov name=national information infrastructure task force host=iitf.doc.gov name=u.s. dept agriculture aphis gopher host=gopher.aphis.ag.gov name=u.s. dept housing and urban development ------------------------------ Date: Mon, 24 Oct 1994 22:58:17 -0500 (CDT) From: David Smith Subject: File 2--(fwd) South African Consitution and computer privacy (fwd) Saw this posted elsewhere, just passing along this lawyers request for information. David Smith | bladex@bga.com | ---------- Forwarded message ---------- Date--Mon, 24 Oct 1994 17:18:52 GMT South Africa has a new Bill of Rights which guarantees the right to privacy and protects all persons against unreasonable and unjustified search and seizure of their personal property or the violation of private communications. I am currently involved in research into the impact of this constitutional right on computer law. In particular, I am looking at whether a state agency can obtain a list of files from a person's account which they suspect contains illegal material such as pirated software or pornography (illegal in South Africa). Does the state agency need to obtain a search warrant or the user's permission before searching his/her account even if their suspicion is a reasonable one? The crisp legal issue is this: Does the seizure of computer files or a list of those files out of an individual's account, without a warrant or without the user's permission, violate the constitutional right to procedural due process and the right to privacy? I would like references to reported judgements on this issue, especially cases that have dealt with this on a constitutional law basis. If possible, it would be most useful if I could be e-mailed actual copies of the judgements. Reported decisions from any jurisdiction would be useful. Thank you in advance. Mr Ron Paschke Department of Procedural and Clinical Law University of Natal Durban South Africa email: paschke@law.und.ac.za ------------------------------ Date: Mon, 24 Oct 1994 19:38:49 -0700 From: dbatterson@ATTMAIL.COM(David Batterson) Subject: File 3--The Online Future (Review) Some Brief Glimpses at the Online Future by David Batterson Prognosticating the future is always a tricky business. The predictions that turn out to be correct usually are matched by the number of wrong guesses. [Remember the infamous prediction that by the 1980s we would all be flying around in helicopters instead of driving cars? Or that we would have huge wall-hung flat TVs by now?] However, some computer industry people are still willing to stick their necks out and offer their thoughts on the elusive future. Their opinions are their own, and do not necessarily represent the views of their employers. Jack Murphy, president of Practical Peripherals, thinks that being wired is definitely the wave of the future: "The hottest news in computing today is online communications, and there's no end in sight to the impact this will have on virtually every segment of the American public." Ironically, Murphy's remarks were faxed to me, not e-mailed. Leslie Schroeder, a high-tech public relations consultant in Silicon Valley, agrees that the future is electronic mail, but sees a personal touch: "E-mail is reincarnating the age of letter writing. We're keeping in touch the way the Victorians did, building a personal community connected by a constant stream of letters sharing news and gossip. E-mail is reviving the 'letter' as a forum for wit, style, and personality, as well as serving as an invaluable business tool." Tom Almy, a software engineer with Tektronix in Wilsonville, OR, offered his thoughts on what we can expect soon. "PDAs will be as widespread as TVs by 2000. With larger, color screens, long battery life, excellent text recognition, voice and cellular phone capabilities, these units will replace personal planners, telephones, fax machines, and video games." What about prices/storage capacity? "Desktop computing will advance in an evolutionary fashion--more memory and speed as prices drop. Floppy drives and disks will vanish, replaced by writable CDs. Will semiconductor memories replace hard disks?--yes, probably for portable applications." Almy added that "the Information Superhighway will take two paths due to widely-differing visions "one being an information sharing network like the current Internet--(and available to homes using ISDN technology from the phone company--and the other being information provider and home shopping services over cable TV." Charles Jennings, co-founder of the Oregon Multimedia Alliance and author of the "Pluggers" syndicated newspaper comic, offered this bit of insight: "My thoughts about the future of computing are pretty simple. Someday soon, online computing will be the sea we all swim in, and when that happens, it will be the fish--the colorful, complex organisms we are beginning to call 'content'--that matter most." Jennings said his group has high hopes for the future too: "to shorten the implementation period for online, interactive multimedia products and services. Open access to online pathways is a key principle of our organization, as is support for educational and other socially beneficial uses of multimedia technology." Obviously, we can all expect faster and more powerful computers in the future. And while Intel's Pentium chips are getting the lion's share of the CPU business, there are other companies that trying to "chip" away at that. An example is International Meta Systems (IMS) of Torrance, Calif. IMS created the 3250 60Mhz RISC microprocessor with hardware-assisted emulation technology. This lets the 3250 emulate 486 PCs, as well as Motorola's 68040 chip. IMS chips also incorporate special algorithms for speech recognition, image processing and telecommunications functions. IMS President George W. Smith said "I think that speech is the key that will unlock the potential applications for the hand-held computer and communications market." As for this reporter's thoughts on future computer products, I predict a new, not-yet-invented technology will result in high-resolution, laser-quality printers that don't require toner to perform their hard-copy magic. And look for a cheap "Dick Tracy" combo wrist-TV/fax/pager/e-mail device before the year 2000. More personal predictions: within 10 years, cheap and powerful basic personal computers will cost about $100 list price. In 20 years, a typical "home computer" will surpass today's most powerful Cray (and similar) computers in processing power, memory and storage capacity. And all monitors will be super-high-resolution flat-screen type, with images as sharp as a printed color, glossy magazine page. Finally, sometime in the near future--thanks to massive computerization of automobile traffic control--safety on the roads will match the airline safety of today, with relatively few car accidents and deaths per year. It's going to be very exciting, because as Al Jolson said: "you ain't seen nothin' yet." ------------------------------ Date: Tue, 27 Sep 1994 13:54:43 CDT From: mdexter@ops.ota.gov (Dexter, Martha Dir.,Info/Pub) Subject: File 4--OTA Report on Information Security and Privacy released September 23, 1994 *********************************************************** INFORMATION SECURITY AND PRIVACY IN NETWORK ENVIRONMENTS *********************************************************** [The Office of Technology Assessment report "Information Security and Privacy in Network Environments" is now available. The report was released on September 23, 1994. Ordering information and details about electronic access are at the end of this message.] As electronic transactions and records become central to everything from commerce and tax records to health care, new concerns arise for the security and privacy of networked information. These concerns, if not properly resolved, threaten to limit networking's full potential in terms of participation and usefulness, says the congressional Office of Technology Assessment (OTA) in a report released today. Some 20 to 30 million people worldwide can exchange messages over the Internet. Every day U.S. banks transfer about $1 trillion among themselves, and New York markets trade an average of $2 trillion in securities. Nearly all of these transactions pass over information networks. The report "Information Security and Privacy in Network Environments" focuses on safeguarding unclassified information in networks, not on the security or survivability of networks themselves, or on the reliability of network services to ensure information access. Appropriate safeguards must account for--and anticipate-- technical, institutional, and social changes that increasingly shift responsibility for safeguarding information to the end users, says OTA. The laws currently governing commercial transactions, data privacy, and intellectual property were largely developed for a time when telegraphs, typewriters, and mimeographs were the commonly used office technologies and business was conducted with paper documents sent by mail. Technologies and business practices have dramatically changed, but the law has been slower to adapt, says OTA. Information safeguards, especially those based on cryptography, are achieving new prominence. OTA emphasizes that decisions about cryptography policy will affect the everyday lives of most Americans because cryptography will help ensure the confidentiality and integrity of health records and tax returns, speed the way to electronic commerce, and manage copyrighted material in electronic form. Congress has a vital role in formulating national cryptography policy, says OTA, and more generally in safeguarding electronic information and commercial transactions and protecting personal privacy in a networked society. A field of applied mathematics/computer science, cryptography is the technique of concealing the contents of a message by a code or a cipher. The message is unintelligible without special knowledge of some secret (closely held) information, the key that "unlocks" the encrypted text and reveals the original text. Key management is fundamental to security. It includes generation of the encryption key or keys, as well as their storage, distribution, cataloging, and eventual destruction. The federal government still has the most expertise in cryptography, says OTA. As a developer, user, and regulator of safeguard technologies, the federal government faces a fundamental tension between two important policy objectives: fostering the development and widespread use of cost- effective safeguards; and--through use of federal standards and export controls--controlling the proliferation of commercial safeguard technologies that can impair U.S. signals-intelligence and law-enforcement capabilities. The concern is reflected in the ongoing debates over key- escrow encryption and the government's Escrowed Encryption Standard (EES). The Clinton Administration announced the "escrowed-encryption" initiative, often called the "Clipper chip," in 1993. This type of encryption is intended to allow easy decryption by law enforcement when the equivalent of a wiretap has been authorized. The Department of Commerce issued the EES, developed by the National Security Agency (NSA), as a federal information processing standard for encrypting unclassified information in February 1994. The initiative in general and the EES in particular have seen intense public criticism and concern, OTA reports. The controversy and unpopularity stem in large part from privacy concerns and the fact that government-designated "escrow agents" will hold the users' cryptographic keys. Congress has asked the National Research Council (NRC) to conduct a major study, expected to be available in 1996, which would support a broad review of cryptography. OTA presents several options for congressional consideration in the course of such a review. Because the timing of the NRC review is out of phase with the government's implementation of key-escrow encryption, one option would be to place a hold on further deployment of key-escrow encryption, pending a congressional policy review. An important outcome of a broad review of national cryptography policy, says OTA, would be the development of more open processes to determine how cryptography will be deployed throughout society, including the development of infrastructures to support electronic commerce and network use of copyrighted materials. More openness would build trust and confidence in government operations and leadership and allow for public consensus-building. OTA examines and offers policy options for congressional consideration in three areas: 1) cryptography policy, including federal information processing standards and export controls; 2) guidance on safeguarding unclassified information in federal agencies; and 3) legal issues and information security, including electronic commerce, privacy, and intellectual property. Requesters for the report are the Senate Committee on Governmental Affairs and the House Subcommittee on Telecommunications and Finance. OTA is a nonpartisan analytical agency that serves the U.S. Congress. Its purpose is to aid Congress with the complex and often highly technical issues that increasingly affect our society. *************************** * CONGRESSIONAL COMMENT * *************************** Senator John Glenn (D-OH) Chairman, Senate Committee on Governmental Affairs: "In the new electronic age, we are relying more and more on information technology to streamline government, educate our children, make health care more accessible and affordable, and make our businesses more productive and competitive. This rush to embrace a new age of technology must not, however, obscure our ongoing responsibility to protect important information and maintain the personal privacy of citizens. "Because we need policies and practices to match the reality of this new age, I joined with Senator Roth in asking the Office of Technology Assessment (OTA) to study security and privacy issues in the network environment. I am very happy to say that OTA's report provides an excellent summary of these issues. More importantly, OTA spells out clear steps that Congress and the Executive Branch should consider if we are to develop policies and practices equal to the task of providing security and privacy protections in an increasingly networked world. "The Senate Committee on Governmental Affairs, which I chair has already rung warning bells in this area. Our oversight of agency operations has uncovered threats to security and privacy as diverse as foreigners hacking into Department of Defense computers and IRS employees browsing through computerized taxpayer records. We must recognize that new technologies, particularly the development of computer networks, are leapfrogging security and privacy controls designed for a simpler time. Policies and practices for managing paper file cabinets simply are no match for the instantaneous world-wide flow of data through computer networks. "Addressing the needs of this new world demands that we find fair balancing points among often competing imperatives for personal privacy, law enforcement, national security, governmental efficiency, and economic competitiveness. OTA's very insightful report highlights the need for the development of new security and privacy controls, which should be done openly, with thorough debate and public accountability. Therefore, in the next Congress, this Committee will continue its oversight of agency operations and will pursue legislation to ensure that government agencies handle data from citizens and businesses responsibly, and that government employees entrusted with maintaining security are held accountable for breaches or misuse of their responsibilities. "I commend the Office of Technology Assessment for its timely and very insightful contribution to the development of policies and practices that can match the realities of the emerging electronic information age." Senator William V. Roth, Jr. (R-DE), Ranking Republican, Senate Committee on Governmental Affairs: "Since 1988, computer network security breaches have grown dramatically, increasing 50% per year on the Internet --today's information highway. The ability of the government to protect Americans' most private information is at stake. For example, the Internal Revenue Service is among those agencies who rely increasingly on computer networks for such things as filing tax returns. Anyone who pays federal taxes has to wonder who might be browsing through their personal financial data. "We need to recognize the potential danger and act accordingly. Last year, I asked the Office of Technology Assessment to look at such problems and recommend changes. Its report highlights how today's government institutions are poorly structured to deal with information security. Moreover, the report underscores the fact that much more work must be done. I intend to pursue hearings on the report and amendments to the Computer Security Act." *********************************************************** HOW TO OBTAIN THIS REPORT *********************************************************** ORDERING INFORMATION: For copies of the 252-page report "Information Security and Privacy in Network Environments" for congressional use, please call (202) 224-9241. Copies for noncongressional use are available from the Superintendent of Documents for $16.00 each. To order, call (202) 512-0132 (GPO's main bookstore) or (202) 512-1800 and indicate stock number 052-003-01387-8. Or you can send your check or your VISA or MasterCard number and expiration date to Superintendent of Documents, P.O. Box 371954, Pittsburgh, PA 15250-7974 , [FAX (202) 512-2250]. Federal Express service is available for an additional $8.50 per order. For free 8-page summaries, please call (202) 224-8996 or e-mail pubsrequest@ota.gov. ELECTRONIC ACCESS: The full report is available electronically. To download via ftp from OTA, use the following procedures: ftp to otabbs.ota.gov (152.63.20.13) Login as anonymous. Password is your e-mail address. The files are located in /pub/information.security and the file names and sizes are: 01README.TXT (3K) 02ORDER.INFO.TXT (4K) FOREWORD.TXT (3K) ADVISORY.PANEL.TXT (3K) STAFF.TXT (1K) TOC.TXT (2K) CH1.TXT (93K) CH2.TXT (169) CH3.TXT (172K) CH4.TXT (299K) APPC.TXT (36K) APPD.TXT (3K) APPE.TXT (4K) Appendix A--Congressional Letters of Request and Appendix B--Computer Security Act and Related Documents--are not available electronically. *********************************************************** Martha Dexter Director, Information Management Office of Technology Assessment mdexter@ota.gov (202) 228-6233 ------------------------------ Date: Thu, 23 Oct 1994 22:51:01 CDT From: CuD Moderators Subject: File 5--Cu Digest Header Information (unchanged since 23 Oct 1994) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 In BELGIUM: Virtual Access BBS: +32.69.45.51.77 (ringdown) UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD The most recent issues of CuD can be obtained from the NIU Sociology gopher at: tk0gphr.corn.cso.niu.edu (navigate to the "acad depts;" "liberal arts;" "sociology" menus, and it'll be in CuDs. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #6.93 ************************************