Computer underground Digest Sun Dec 8, 1996 Volume 8 : Issue 86 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Field Agent Extraordinaire: David Smith Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #8.86 (Sun, Dec 8, 1996) File 1--Fort Bragg hacker/spy case shrouded in secrecy File 2--Utah High School Hackers Club File 3--Debate on "Fastfoto" as "a scam"? File 4--Censorship on cypherpunks? -- from The Netly News File 5--CDT Policy Post 2.38 - Pres Takes First Steps Towards Clipper File 6--"NEWS ALERT -- Findings Reveal Security Problems in Fortune 1,000 File 7--US Touts Duty-Free Internet (fwd) File 8--Cu Digest Header Info (unchanged since 8 Dec, 1996) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION ApPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Sun, 1 Dec 1996 16:12:56 -0600 (CST) From: Crypt Newsletter Subject: File 1--Fort Bragg hacker/spy case shrouded in secrecy In late October, the Fayetteville Observer-Times started reporting on the trial of Eric Jenott, a Fort Bragg, NC, paratrooper accused of spying. In testimony at a pre-trial hearing on October 23rd, Chief Warrant Officer Lorenzo Clemmons said Jenott had told him he could break into an Army communications system three months before the paratrooper was arrested on spying charges. Clemmons said Jenott told him in March 1996 that the Army's Mobile Subscriber Equipment, carried by hummvee and the Army's equivalent of cellular telephones, computer and fax communications, "might not be as secure as we think . . . " Jenott demonstrated the system's weakness to a supervisor who passed it along to a Major Jerry R. Moore. Moore met with Jenott to discuss the weaknesses. On October 23rd, Jenott's defense attempted to show that statements the paratrooper made to investigators not be allowed as evidence since Moore did not advise Jenott of his rights. In news already published, Jenott's family said that he gave an unclassified Internet access code to a friend from China. The Army maintains Jenott gave secret computer passwords to a Chinese accomplice, named "Mr. Liu." At the hearing, Jenott's lawyer, Tim Dunn, said "Mr. Liu" had left the country and could not be located. According the Observer, the Jenott hearings were shrouded in secrecy. "During the hearing only a few minutes of testimony were open. The hearing was closed to reporters twice when court wasn't even in session," reads a boxed-out quote from the 24th October edition of the newspaper. Security officers for the Army claim some testimony and audiotapes presented at the hearing contain classified information. During a period in which Jenott's lawyer questioned Moore over what he would do if he discovered a soldier had "hacked" into Army systems, Army prosecution objected maintaining Dunn was getting into classified information. More testimony was taken behind closed doors. Jenott's court-martial is scheduled to begin on December 9, according to reports in the Observer. Crypt Newsletter http://www.soci.niu.edu/~crypt ------------------------------ Date: Mon, 2 Dec 96 18:54:40 -0800 From: Gordon Meyer Subject: File 2--Utah High School Hackers Club Officials at Bonneville High School in Ogden, Utah are considering what do with an unofficial "hacking club." A group of students calling themselves the "Bonneville Hacking Society" recently distributed information to other students about how to break into the schools DOS and AutoCAD computer systems. A recent editorial in the local paper, The Ogden Standard-Examiner, points out that disseminating information is perfectly legal and called for a reasonable response from the administration: "While we don't in any way condone the activites of the Bonneville Hacker Society, we do caution school administrators to view the kids' actions in the proper context. [...] What they did was, in most respects, stupid and irresponsible; ...But we should be careful not to overreact in these kinds of situations." ------------------------------ Date: Tue, 12 Nov 1996 14:23:13 -0500 (EST) From: "I G (Slim) Simpson" Subject: File 3--Debate on "Fastfoto" as "a scam"? In Cu Digest #8.79 you included the following response to my post. I have taken the libery of a few resposes of my own (starting debate?). >Dear Sirs, >In Cu Digest #8.73, you included a note from Slim Simpson, warning of a potential scam of >some sort by a company by a Fastfoto of Pomano Beach, Florida. In the header the author >suggested that he was unsure of whether it was appropriate for the CU-Digest or not, and >personally I think it was not. >Obviously Mr. or Ms. Simpson, was frustrated at the inability to lash out at the person who had >spammed their mailbox. It's Mr. Why *obviously frustrated*? Why *lash out*? I don't like spam but I reply "Please take me off your list." Most do. When people asking me to send money have a false e-mail address, no phone number, and no fax number I smell scam. I forwarded same to Cu Digest. > Lately, with more an more newcomers to the net, I have noticed that one thing they seem to >find out quickly is their supposed right to be spamless, and their little private electronic >domain, called their mailbox. I am not a newcomer to the net. >Many of these same people invite advertising material like flyers, magazines, coupons, to their >household door or mailbox on a daily basis, but never confront these advertisers. Advertising >material created by the decimation of forests, pollution of the environment by the processing >of such, and ending up as filler for our garbage dumps. Mine ends up in my woodstove. > Amazingly only 4% of the recipients will ever be interested in the message that these >advertising materials contain. >Yet this person will strike out from their armchair, in their little form of civil protest against an >action they do not agree with, in relative obscurity. Mean while they sit passively while shots >are fired outside their home, children are being abused, homeless people starve, and guard >the sanctity of their mailbox. Shots *are * fired outside my home. I live on the water and it's duck season. But in Summerstown, Ont, Canada, there's no child abuse and no homeless people that I know of. If I hear of any it will be reported. >The bottom line is they could have just deleted the note, went on their merry way and ignored >the invasion of privacy. Instead they chose to track this down, and highlight it in some sort of >shroud of scam and sent it in to CU-Digest, after their inability to express their displeasure to >the offending party. I should ignore *possible* spam; never warn others about it? >Personally I would accept my mailbox having a few useless nuisance messages, from >recyclable electrons if it meant stopping the destructive process of our current advertising >means. Maybe it was not a spam. Maybe they just left their email address off to protect >themselves from individuals who want to stop this method of advertising Maybe they thought >they might end up scanning material of a questionable nature, considering the way certain >individuals are communicating with other individuals today. Maybe they should have added >the word Adult, then their obscurity would make more sense And maybe they just wanted me to send money. >There were people who did not like the introduction of the printing press at one time either, >and of course they are no longer living. I just think that this message was NOT appropriate for >the CU-Digest, but hopefully will spark debate. You've made your point. And you think that I was so *frustrated* that I had to *lash out*. The fact that there was no way to communicate with the company to me was suspicious. I don't consider sending Cu Digest a short, ironic, message about it is lashing out. And since when is the environment a fit subject for Cu Digest? (But, I, for one, am content to let the moderator decide). Slim Simpson >The thousands of people who regularly send a message to someone who has spammed >them, just has to lighten up, and learn how to use some filtering software. Then maybe >everyone can communicate without destroying our environment. >This is just my opinion, on recyclable material I might add, :)). >Jeffrey Hinchey ------------------------------ --=====================_847837132==_ Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: Content-Description: Beowulf How ceaselessly Grendel harassed...... --=====================_847837132==_-- ------------------------------ Date: Tue, 12 Nov 1996 09:34:15 -0800 (PST) From: Declan McCullagh Subject: File 4--Censorship on cypherpunks? -- from The Netly News From -- fight-censorship@vorlon.mit.edu The Netly News http://www.netlynews.com/ November 11, 1996 Cypher-Censored By Declan McCullagh (declan@well.com) The cypherpunks mailing list, so legend goes, coalesced around two principles: the dissemination of strong encryption and an absolute commitment to free speech. It was a kind of crypto-anarchist utopia: Here was a place where anonymity was encouraged and PGP-signed postings were the norm -- and nobody seemed to be in control. That is, until recently, when Dimitri Vulis was given the boot. After he refused to stop posting flames, rants and uninspired personal attacks, Vulis was summarily removed from the mailing list. Now, normally, when someone gets evicted from a mailing list, it excites little attention. But here was an ironic -- some would say momentous -- event: The list is run, after all, by John Gilmore, the EFF cofounder, a cypherpunk god who is famous for having once said that the Internet interprets censorship as damage and routes around it. And it was none other than Gilmore who gave Vulis the boot. The shunning of Vulis was "an act of leadership," Gilmore said. Thus began a debate over what the concept of censorship means in a forum devoted to opposing it. Did Gilmore have the right to show Vulis the virtual door? Or should he have let the ad hominem attacks continue, encouraging people to set their filters accordingly? The incident raises deeper questions about how a virtual community can prevent one person from ruining the forum for all and whether only government controls on expression can be called "censorship." Vulis, a 31-year old Russian emigre who completed a PhD in mathematics last year at the City University of New York, is described as sociable, even friendly, by people who have met him. Online, though, he's almost notorious. His .sig file, for instance, proudly points out that he's a former Kook of the Month; Vulis was also a Net-legend and even has the alt.fan.dimitri-vulis newsgroup named after him. Vulis portrays himself as a victim, but as I posted to the list last week, I disagree. Anyone who's spent any time on the 100-plus-messages-a-day list can read for themselves the kind of nasty daily messages that came from Vulis's keyboard. The list is on Gilmore's machine and he can do what he wants with it; he can moderate the postings, he can censor material, he can shut the whole thing down. By kicking off an offending user, a list owner merely exercises his property right. There's no government involvement, so the First Amendment doesn't apply. And the deleted, disgruntled user is free to start his own mailing list with different rules. But then the question is whether Gilmore should have exercised that right, especially in such an open forum. Again, I think Gilmore's actions were justified. Consider inviting someone into your home or private club. If your guest is a boor, you might ask him to leave. If your guest is an slobbish drunk of a boor, you have a responsibility to require him to leave before he ruins the evening of others. Eugene Volokh, a law professor at UCLA, runs a number of mailing lists and has kicked people off to maintain better editorial control. Volokh says that the most valuable publications are those that exercise the highest degree of editorial control. But what if your private club's express purpose is to cherish free speech? That's where the terrain gets mucky. One 'punk wrote: "For someone who espouses freedom of speech to arbitrarily censor someone is indeed hypocritical." Another called it a "big cypherpunkish move" that couldn't be condoned "even bearing in mind the inane and wearisome behaviour of Dr. Vulis." Still others said that this demonstrated that "libertarianism can't work without some measure of authoritarianism." (Libertarianism being the primordial flame war topic, the debate nearly consumed itself at this point.) Vulis told me yesterday: "I'm particularly disappointed by John Gilmore's actions. I've known him and communicated with him before. His treatment of me was rude and unprofessional and inappropriate." In posts to the mailing list, Vulis levels the additional criticism that it was "arbitrary and capricious" and that he was not notified that he would be forcibly unsubscribed. This week Vulis busied himself by saying that now Gilmore can be sued for what happens on cypherpunks, arguing that the list owner is exercising greater control and so is subject to greater liability. Of course, in this country anyone can sue for anything. But it's highly unlikely the suit would go anywhere. Solveig Bernstein, a lawyer with the Cato Institute, says: "Chances are in a defamation lawsuit he'd be treated like a publisher or bookstore owner.. They exercise some control over content and enjoy pretty broad immunity from lawsuits." For his part, Gilmore calls removing the Russian mathematician "an act of leadership." He says: "It said we've all been putting up with this guy and it's time to stop. You're not welcome here... It seemed to me that a lot of the posts on cypherpunks were missing the mark. They seemed to have an idea that their ability to speak through my machine was guaranteed by the Constitution." What does Vulis's ouster mean to the community that sprang up around this mailing list, of which he had been a member for nearly three years? Many of his peers think he did it for attention or notoriety; one longtime list-denizen declined to be interviewed for fear of encouraging him. (If that's his goal, he's already succeeded. Will Rodger from Inter@ctive Week and Lewis Koch from Upside Magazine are writing about this.) Other cypherpunks wonder why Vulis is abrasive online, yet mild-mannered in person; Gilmore likened him to "a Jekyll-and-Hyde personality." The flap comes at a time when other prominent cypherpunks are leaving, citing too many flames and too little content. Perry Metzger, another longtime member, announced last month he would start his own, moderated mailing list. The hard-core programmers have moved on. Yet the list membership has never been higher, at 1,949 direct subscribers. And the cyber-rights issues the group discusses have never been more important. Ironically, tools like anonymous remailers that the cypherpunks labored to create now make it impossible to get rid of Vulis completely. Blocking posts from remailers is unthinkable to the cypherpunks. So the embattled Russian =E9migr=E9 continues to read the list under a pseudonym and appears to be posting as frequently as ever. But perhaps Gilmore succeeded in part. If not more polite, Vulis's messages now are at least on-topic. ------------------------------ Date: Mon, 18 Nov 1996 18:56:33 -0500 From: Bob Palacios Subject: File 5--CDT Policy Post 2.38 - Pres Takes First Steps Towards Clipper Source - fight-censorship@vorlon.mit.edu The Center for Democracy and Technology /____/ Volume 2, Number 38 ---------------------------------------------------------------------- A briefing on public policy issues affecting civil liberties online ---------------------------------------------------------------------- CDT POLICY POST Volume 2, Number 38 November 18, 1996 CONTENTS: (1) President Takes First Steps Towards Clipper 3.1.1 (2) Details of the Executive Order (3) How to Subscribe/Unsubscribe (4) About CDT, contacting us ** This document may be redistributed freely with this banner intact ** Excerpts may be re-posted with permission of ** This document looks best when viewed in COURIER font ** ----------------------------------------------------------------------- (1) PRESIDENT TAKES FIRST STEPS TOWARDS CLIPPER 3.1.1 In a move that leaves major unanswered questions about the privacy of global communications on the Internet, President Clinton has taken the first concrete steps towards implementing the government's controversial key recovery encryption proposal. On Friday November 15, the President appointed an ambassador-level "Special Envoy for Cryptography" and signed an Executive Order that gives the Commerce Department jurisdiction over encryption exports but includes the Justice Department in all such export decisions. These developments do little to change the underlying regulations on encryption that have prevented the development of a strong worldwide encryption standard needed to protect privacy and security on the Internet. The full text of the executive order and other relevant background materials are available on CDT's Encryption Policy Page: http://www.cdt.org/crypto/ Friday's White House announcements demonstrate the Administration's commitment to its dangerous key recovery approach to worldwide encryption. This approach fails to meet the fundamental privacy needs of computer users and industry because: * International communications are still vulnerable since products sold by the dominant U.S. hardware and software manufacturers must conform to U.S. export controls. * Key recovery won't protect privacy internationally and institutionalizes a global government surveillance mechanism without privacy safeguards. * U.S. exports are still controlled and uncompetitive making it harder for the market to develop a secure global encryption standard. The Administration policy, initially announced on October 1st and dubbed "Clipper 3.1.1," leaves Internet users without the technical means to secure their communications or the international legal standards needed to protect their privacy. In other developments this week, Hewlett-Packard and other companies announced preliminary approval to export new "dormant encryption" products, which contain strong encryption that can only be activated with a special license. While this new architecture is expected to make it easier for industry to market encryption products, this technology does not change the underlying privacy problems created by the Administration's export control policy. Granting of licenses to use strong encryption will still be subject to the current export controls limiting key length and requiring key recovery for strong encryption. CONTINUING A DANGEROUS KEY RECOVERY POLICY The Administration's announcements mark the first real steps towards implementing an approach to encryption policy based on the dangerous and untested idea of global key recovery. This approach would institutionalize worldwide governmental access to encrypted communications without providing any privacy standards for electronic communications or stored data. The Administration's approach leaves computer users at risk operating on a global network without the technical security provided by strong encryption or the legal privacy rights afforded here in the United States by the Fourth Amendment and federal law. For example, the Administration policy would not solve the following privacy problems: * International communications are still vulnerable. For example, an American individual doing business with someone in France would still be forced to use weaker forms of encryption, or use key recovery systems that make their communications accessible to law enforcement officials of both countries. * Key recovery won't protect privacy internationally. A Chinese dissident communicating with supporters in the U.S. and fearful of weaker encryption would be to forced to use key recovery. The Administration indicates that such key recovery mechanisms would be based on bilateral key-access arrangements between governments. Even if the dissident's keys were recoverable only in the U.S., such a global key access policy would almost certainly make those keys accessible to the Chinese government. If the United States expects China to assist U.S. law enforcement with key recovery for issues of national interest, such as anti-piracy efforts in China, we can also expect China to require U.S. disclosure of keys to its law enforcement community. * Exports are still controlled and uncompetitive. A Japanese company using exportable U.S. encryption products would be forced to use lower strength encryption -- or use an key recovery agent approved by the U.S. law enforcement community. This is unlikely to help the global market develop a worldwide standard for secure communications. As a result of this policy, computer users all over the world will be left with a lowest common denominator infrastructure that does not provide for either technical security or legal privacy for sensitive communications and data. CDT believes that any workable U.S. encryption policy must be designed to protect the privacy and security of Internet users. ---------------------------------------------------------------- (2) DETAILS OF THE EXECUTIVE ORDER The Executive Order signed by the President on Friday does not change the type of encryption products that will be exportable. Rather, it lays the groundwork for the eventual transfer of encryption export control jurisdiction from the State Department to the Commerce Department pending Final Regulations by both departments. Encryption exports have traditionally been regulated as "munitions" controlled by the State Department. While the Commerce Department is widely viewed as more sensitive to the needs of business and individual encryption users, Commerce is still constrained by Administration encryption policy. Additional provisions of the Executive Order indicate that the Commerce Department's encryption controls will continue to be dominated by law enforcement and national security interests: * New Justice Department role in export review committee -- In an unusual step, the Order adds the Justice Department to the interagency group reviewing Commerce encryption export decisions. * Source code treated as a "product" -- The Order specifically singles out encryption source code to be given the stricter review scrutiny of a "product" rather than a "technology." * Broad definition of export -- The export of encryption source code or object code is extended to explicitly include posting to FTP sites or electronic bulletin boards unless "adequate" precautions are taken to prevent transfer abroad. As reflected by a recent Federal Court finding in the CDA indecency case that Internet users rarely have control over the parties accessing materials via FTP, Usenet, or the Web, this provision could have the chilling effect of preventing most dissemination or discussion of new cryptographic tools on the Internet. The Administration's announcements will have little effect on the existing encryption privacy problem unless the underlying policies governing the export and use of encryption are changed. These announcements do little to address the unanswered questions about how privacy will be protected in the key recovery system envisioned by the Administration. APPOINTMENT OF THE "SPECIAL ENVOY FOR CRYPTOGRAPHY" On Friday the President also designated Ambassador David L. Aaron as the new "Special Envoy for Cryptography." According to the White House, this Special Envoy will have "responsibility to promote the growth of electronic commerce and robust, secure global communications in a manner that protects the public safety and national security. . . . Ambassador Aaron will promote international cooperation, coordinate U.S. contacts with foreign governments on encryption matters and provide a focal point for identifying and resolving bilateral and multilateral encryption issues." Ambassador Aaron is currently the U.S. Ambassador to the OECD. CDT hopes that the new Special Envoy, as a representative of the United States, will work to represent the needs of Americans to communicate privately in the currently insecure global environment. Until now, U.S. encryption representation abroad has been dominated by law enforcement and national security interests. CDT hopes that the new Special Envoy will also consult with the computer user community, consumers, privacy advocates, and industry to promote their need for secure networks worldwide. NEXT STEPS In the coming months, both the Department of Commerce and the State Department must issue rules to implement the Administration's new encryption policy. * The State Department will issue a rule transferring its jurisdiction of encryption licensing to the Commerce Department. * The Commerce Department will issue rules spelling out exactly how it will approve products for export, and what the requirements for approved key recovery centers and key recovery plans will look like. CDT hopes and expects that the Administration will provide an opportunity for public comment in the rulemaking process to allow input from those concerned about privacy and security in the formulation of U.S. encryption policy. ----------------------------------------------------------------- (3) SUBSCRIPTION INFORMATION Be sure you are up to date on the latest public policy issues affecting civil liberties online and how they will affect you! Subscribe to the CDT Policy Post news distribution list. CDT Policy Posts, the regular news publication of the Center For Democracy and Technology, are received by nearly 10,000 Internet users, industry leaders, policy makers and activists, and have become the leading source for information about critical free speech and privacy issues affecting the Internet and other interactive communications media. To subscribe to CDT's Policy Post list, send mail to policy-posts-request@cdt.org with a subject: subscribe policy-posts If you ever wish to remove yourself from the list, send mail to the above address with a subject of: unsubscribe policy-posts ---------------------------------------------------------------- (4) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US The Center for Democracy and Technology is a non-profit public interest organization based in Washington, DC. The Center's mission is to develop and advocate public policies that advance democratic values and constitutional civil liberties in new computer and communications technologies. Contacting us: General information: info@cdt.org World Wide Web: URL:http://www.cdt.org/ FTP URL:ftp://ftp.cdt.org/pub/cdt/ Snail Mail: The Center for Democracy and Technology 1634 Eye Street NW * Suite 1100 * Washington, DC 20006 (v) +1.202.637.9800 * (f) +1.202.637.0968 ------------------------------ Date: Mon, 25 Nov 1996 07:47:13 -0500 (EST) From: Noah Subject: File 7--US Touts Duty-Free Internet (fwd) ((MODERATORS' NOTE: Thanks to Noah for the steady flow of information he has provided over the year. He has his own small and private newsgroup that covers computer information and humor -- jt) Source -Noah ---------- Forwarded message ---------- Date--Mon, 25 Nov 1996 10:12:05 +0200 From--shaw To--ietf Subject--US Touts Duty-Free Internet Thought this would be of significantly high interest to the list to warrant posting it. The article should appear in the press within the next few days... Bob ******************************** Forwarded with permission - Copyright 1996 Communications Week International. U.S. touts duty-free Internet BY KENNETH HART In a bid to abolish trade barriers and boost exports, the United States is proposing to declare the Internet a global duty-free zone for all electronic goods and services. But the plan, which proponents said would expand the market for electronic 'content,' has been criticized by governments wary of 'info-imperialism' and politicking. The new policy, designed to pre-empt any attempts to impose customs duties or other new Net taxes, will apply to all electronic items and services purchased across the Internet in the United States and abroad, said senior White House officials. The proposal, to be discussed with senior European Commission representatives at a meeting in Brussels next week and with world trade representatives shortly afterwards, is part of a broad administration public policy initiative by President Bill Clinton's administration to spur electronic commerce across the Internet. Under the proposal, only goods and services bought and delivered electronically would be exempt from tariffs and taxes. Material items, such as a modem purchased electronically from a Web site, will not be included. The proposal--which may ultimately require the backing of a Republican congress as well as international approval--will almost certainly face stiff resistance from local state governments and other countries that fear electronic commerce over the Internet will erode their current revenue base. It has received qualified support from leading figures in the Internet community, who caution against overly-ambitious political intervention. But free trade enthusiasts and U.S. software companies called the move a giant leap towards the creation of a stable, predictable market for global electronic commerce. "This is marvellous," said Tony Rutkowski, vice president for Internet business development at software maker General Magic Inc., of Sunnyvale, California. Industry observers say the U.S. initiative, to be lead by Ira Magaziner, senior White House policy adviser to President Bill Clinton, throws the spotlight on the difficulty that sovereign governments have in tracking, let alone taxing, exchanges of data across the global network of networks. This borderless, lawless nature has been a key element in the Internet's phenomenal global growth. But there is now a widespread belief that, if the Internet is to be accepted as the medium for electronic commerce around the world, it needs a coherent set of legal guidelines and principles. The White House's sweeping Internet initiative represents a new, "minimalist" role that the U.S. government intends to play, senior officials said. Instead of firmly regulating the Internet according to the traditional telecommunications model, White House officials said government emphasis will be on ensuring users can conduct business within a proper commercial environment. Exact details on the Internet electronic initiative remain to be worked out. For example, a few officials said the duty-free proposal may only be applicable to goods and services valued under $50. The aim is to ensure that Net commerce is unencumbered by customs duties or any forms of taxation such as a bit tax, where charges would be levied in proportion to the amount of data flowing across communications networks, which is currently under consideration in Europe. The Clinton initiative is not specifically aimed at abolishing value added tax for electronic goods--European opposition to such a move is likely to be fierce. But Washington officials acknowledge that the U.S.'s tacit admission that taxes are difficult to levy over the Net may undermine countries currently in favor of imposing VAT. Nevertheless, U.S. officials argue that a free-trade zone will boost overall transactions, increasing state revenues through conventional income taxes. If adopted, the duty-free zone will increase sales of software and other items of intellectual propriety over the Internet, said Peter Harter, public policy counsel at Netscape Communications Corp., of Mountain View, California. In addition to the duty-free proposal, a white paper outlining initiatives, to be published in its final form by next spring, will also contain policy guidelines in areas such as data privacy, electronic payment, intellectual property rights and technical standards. Already the Clinton administration has submitted drafts containing some of the key ideas to the World Trade Organization, the World Intellectual Propriety Organization, the Organization of Economic Cooperation and Development (OECD), and other organizations, as the basis for multinational negotiations, said senior officials. It hopes its white paper will dovetail with a variety of Internet-related issues already being tackled by the OECD, including taxation and encryption, said officials at the Paris-based organization. A high-level European Community workgroup is preparing a report on the technical and economic feasibility of taxing flows of digital information, said Luc Soete, professor of international economics at the University of Maastricht and director of an economic research group that works on Internet taxation issues. Privately, however, several top EC officials said they oppose the idea. One senior EC official said the Clinton administration's Internet trade proposal smacks of "U.S. info-imperialism" specifically designed to aggressively boost exports. Not so, said General Magic's Rutkowski. He said a duty-free zone may ultimately help companies, especially those from developing nations, to compete more effectively around the world to the disadvantage of U.S. firms. Other governments are expected to react apprehensively to the new proposal when it is fully discussed at the World Trade Organization meeting in Singapore early next month. Another observer called the proposal a political gesture--the unofficial launch of U.S. vice president Al Gore's presidential campaign for the year 2000. Leading Internet figures, meanwhile, welcomed the government's proposal--albeit with some skepticism. The duty-free proposal is "a step in the right direction," said Scott Bradner, director of Harvard University's network device test lab in Cambridge, Massachusetts, and a leading member of the Internet Engineering Task Force (IETF). But he and other IETF members warned against any "top-down approach" by policy makers who are often unfamiliar with the Internet's technology and operations. While policy makers and diplomats try to hammer out global Internet agreements, many in the Internet community suggest a more pragmatic approach. ------------------------------ Date: Thu, 21 Mar 1996 22:51:01 CST From: CuD Moderators Subject: File 8--Cu Digest Header Info (unchanged since 8 Dec, 1996) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (860)-585-9638. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: In BELGIUM: Virtual Access BBS: +32-69-844-019 (ringdown) In ITALY: ZERO! BBS: +39-11-6507540 In LUXEMBOURG: ComNet BBS: +352-466893 UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/CuD ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #8.86 ************************************