Previous Next Index Thread

Cu Digest, #7.83

Computer underground Digest    Sun  Oct 22, 1995   Volume 7 : Issue 82
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@MVS.CSO.NIU.EDU
       Archivist: Brendan Kehoe
       Shadow Master: Stanton McCandlish
       Field Agent Extraordinaire:   David Smith
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #7.82 (Sun, Oct 22, 1995)

File 1--Do Not Visit This Address or Call This Phone Number
File 2--Attention Spammers: The War Has Started
File 3--(fwd) PSU Student Challenges "Asatru" Email address (fwd)
File 4--Giant Black Book of Computer Viruses
File 5--Cu Digest Header Info (unchanged since 18 Oct, 1995)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Fri, 20 Oct 1995 00:00:37 -0500
From: TELECOM Digest (Patrick Townson) <telecom@DELTA.EECS.NWU.EDU>
Subject: File 1--Do Not Visit This Address or Call This Phone Number

((MODERATORS' NOTE: Pat Townson, editor of TELECOM Digest, and the one
responsible for the birth of CuD in March, 1990, wins "Net-warrior of
the week" award for his marvelous job of outing the "Spam King")).


A nemesis of many on the Internet in recent weeks is a fellow known as
Spam King. He has trashed hundreds of newsgroups with his messages, and
this includes comp.dcom.telecom recently. I spent some time Thursday
locating him.

Spam King is Jeffrey A. Slaton of Albuquerque, NM as he admitted to me in
a phone conversation this evening.

Here is what I know for a fact:

According to the phone company in Albuquerque, NM, the phone number

505-821-1945 is listed to  'J.A. Slaton'
             address withheld at the customer's request.

When you dial that number which *always* goes to voice mail, try this
little technique ...

   The instant it answers, press the * key.  The voicemail
   system will respond saying,

      "We are having a problem right now, please do not hang up.
       To leave a message, enter the number of the person you are
       calling. To listen to your messages, press the # key."

   When you press the # key, another voice asks you to enter your
   telephone number (meaning of course, Jeff's phone number) ...
   so you enter once again 505-821-1945. Of course, since you are
   not Jeff, don't do this.

   You immediatly hear the name of the mailbox owner stated:

                    "Jeff Slaton"   (pronounced Slay - ton)

   And you are then asked to enter your (meaning his) password
   to pick up your messages.      grin ....

   I really have to wonder who he thinks he is messing around
   with ....

   Now would someone be so stupid as to use SPAM KING as thier
   password?  (using the associated digits on the dial). Well
   no, he did not use that, but I am not going to say what
   password he *is* using.  That might be illegal and might be
   construed as me encouraging others to loot and destroy his messages.

      I'll let others of you figure it out, since after
      all it is against the law to hack someone's voicemail.

   This appears to be just your typical phone company voicemail
   system. It is NOT a 'D.I.D.' (direct inward dial) number to
   a voicemail system ... it *is* a number in his home that is
   just always left to go to voicemail.

              ================================

Speaking of homes, were *does* Jeffrey A. Slaton live?  Well, I located
him as follows:

                Jeff A. Slaton
                6808 Truchas Drive NE
                Albuquerque, NM  87109

The phone number he actually answers on is 505-822-8919. He gets a
woman who lives there to answer the phone; he hides behind her skirt.
I got him to come to the phone and speak to me with some persistence.

Naturally when dialing, if one wishes to preserve one's privacy one
will prepend *67 to the dialing string, or do as the phreaks did years
ago before the new-fangled phone system was invented and just run
through a few loop-arounds or a couple of MCI dialups or whatever.

Of course, readers are reminded that phone harassment is illegal and
ransacking and looting of other people's voicemail is also quite
illegal. Nor is it recommended that visitors without appointments
drop in to see him at his home or try anything violent like smashing
or busting up computers, modems, etc.  That sort of thing just will
never, never do ... not in a civilized America or on a civilized net.
I mean, we are still pretending that we have a modicum of civility
here, right?

I don't want to hear any reports back about people trashing that
telephone number (505-822-8919) so badly that the phone company is
never able to re-assign it to anyone or about how someone went out
there to 6808 Truchas Drive NE and busted up little Jeffy's toy computer.

When he spammed my newsgroup, and rode express right through my
mailing list a couple days ago, he got me ... well, let's say
'annoyed'.


PAT
TD Editor

PS: You might want to let others know about this fellow so that when
they are confronted with messages from Spam King they'll know who to
see about it.  Of course, in the process of posting this around, do
not start spamming yourself.  <grin> ... none the less, when you see
some of Spam King's work, let Jeff know how you feel about it, and
be sure to mention the newsgroup(s) where you saw his stuff. He'll
appreciate that.

------------------------------

Date: Sun, 22 Oct 1995 03:23:08 -0500
From: TELECOM Digest (Patrick Townson) <telecom@DELTA.EECS.NWU.EDU>
Subject: File 2--Attention Spammers: The War Has Started

I don't know about the rest of you, but all this spamming in recent months
has really started to get me irritated. I think one solution worth looking
into is that of *spamming back at the spammers*.

Since *they* do not seem to care what sort of irrelevant junk they sent
out to every newsgroup and mailing list they can find, I see no reason
why netters can't simply return the courtesy, armed with such details
as:

     home address,
     home phone number,
     social security number of the spammer when known,
     banking information of the spammer when known,
     other personal details, etc.

Then, I'll leave it to your imaginations as to how to best deal with
the inconsiderate boobs who have trashed the net to the point of it being
almost useless in recent months.

Listen to them squeal like stuck pigs when the place *they* get *thier*
messages and mail gets loaded with spam ... listen and watch how they
carry on when their telephone number becomes so polluted they have to
have it changed time and time again ... smile ... oh, there are people
who can make those things happen. You can even be taught how if you
don't already know the techniques used.

And imagine the fun to be had by all with Jeff 'Spam King' Slaton's
social security number and banking information ... <even bigger grin> ...
Jeff sees nothing wrong with invading *your* privacy does he?  You are
gonna worry about his?

Here is the data on Jeff once again in case you missed it, and then we
will move on to a new assignment:

Jeff A. Slaton
6808 Truchas Drive NE
Albuquerque, NM  87109
Phone: (505)822.8919   personal answer, but lately on an answering
                       machine. press '2' for Jeff, do not bother
                       the rest of the family.

Voicemail: (505)821.1945    once it answers, press * and listen to
                       the voicemail system's response. Enter the
                       proper numbers, etc as required.

I'm doing a social security number trace on him now, and trying to
find out where he banks. I'm not certain, but I think he has some
other employment as well. If so, spam will be needed there also.
Details provided when available. In the meantime, let's get busy with
letters and phone calls to Jeff, letting him know how concerned we are
about his attitude. When you write or call Jeff, be sure to let him
know the newsgroup and site where you saw *his* spam. He'll appreciate
knowing you are concerned about him as a net citizen.

               --------------------------------

Now let us direct our attention to the magazine club ... you know, the
one all the 'international students' are raving about ... the one that
Janet Dove introduced us to and Patricia Eng (president of the
international students association) has been reminding us about with
30,000 byte, thousand line messages recently posted in dozens of
newsgroups. Here is a header from a recent spam sent to me for my
list -- thank God I still maintain telecom manually, else this crap
would have gone out.


This first part merely says that it arrived at our site, was delivered
to my mail filter, processed through the filter according to my
instructions, then remailed to me !absolutely!, bypassing the filter.
Can't just drop things in the mail spool after filtering them, it may
cause race conditions, file overwriting, etc.

        From telecom Sat Oct 21 17:50:45 1995
        Received: by delta.eecs.nwu.edu (8.6.12/8.6.12) id RAA24689 for \telecom; Sat,
 21 Oct 1995 17:50:44 -0500
        Date--Sat, 21 Oct 1995 17:50:44 -0500
        From--TELECOM Digest (Patrick Townson) <telecom@delta.eecs.nwu.edu>
        Message-Id: <199510212250.RAA24689@delta.eecs.nwu.edu>
        To: \telecom@delta.eecs.nwu.edu
        Status: R

Now, here is where the fun starts. Notice how the sender of the mail
used certain flags in sendmail to diddle up the 'From ' and 'From:'
lines, thinking they could avoid detection.

Essentially what we see is, my site (delta) got it from our network
mail machine (zeta) which got it from cornell. Cornell got it from
ixc.net who in turn got it from 205.230.67.30.  Hmmm ... well that
turns out to be something called ppp30.ingress.com. Now maybe it
came from there or maybe the person just put that there.

        >From For.a.prompter.reply.please.fax@If.you.do.not.have.a.fax.smail.is.ok  Sat
 Oct 21 17:50:41 1995
        Received: from zeta.eecs.nwu.edu by delta.eecs.nwu.edu (8.6.12/8.6.12) with
 ESMTP id RAA24676 for <telecom@delta.eecs.nwu.edu>; Sat, 21 Oct 1995 17:50:38
 -0500
        Received: from cornell.edu by zeta.eecs.nwu.edu (8.6.12/8.6.12) with ESMTP id
 RAA09521; Sat, 21 Oct 1995 17:50:36 -0500
        Received: from [205.230.67.30] (pm1-41.ixc.net [198.70.48.41]) by cornell.edu
 (8.6.12/8.6.12) with SMTP id QAA01200; Sat, 21 Oct 1995 16:12:29 -0400

Note that when you trick the mail network by using certain sendmail 'flags'
which allow you to diddle up your 'name' into something goofy like
this, if you are not considered a 'trusted user' at your site -- that
is, your name is in a certain file -- then the (unverified) comment
will appear; sometimes it will be shown as 'authentication warning'.

        X-Sender: For.a.prompter.reply.please.fax@If.you.do.not.have.a.fax.smail.is.ok
 (Unverified)

Let's assume for now the message ID number was generated by the site.
Let's also assume that the person who dumped this load on the net
is NOT the postmaster there. I know, even that is a big assumption
these days; but let's assume the postmaster is straight ...

        Message-Id: <v01530526acaf0267262c@[205.230.67.30]>

We now need to send a note to 'postmaster@ppp30.ingress.com' and ask
that person if s/he will be so kind as to check the site logs and
see if it can be detirmined WHO is the actual user who accessed
sendmail at 16:48 on Saturday, October 21 to send mail with the
Message-ID shown above. You might want to cc 'postmaster@ixc.net'
at the same time. Sendmail should have logs of who accesses it,
regardless of what that person makes sendmail say to the outside world
later on.

        X-Priority: 1 (Highest)

Yeah, right. The highest priority my dear. You *will* be given close
attention in the next few days, believe me you ...

        Date--Sat, 21 Oct 1995 16:48:12 -0500

Note although ppp30.ingress sent it out at 16:48, Cornell says they
got it at 16:12. That's because Cornell is on a different time zone
than ingress apparently. In effect, they got it 24 minutes after it
was sent out.

Now notice TO WHOM it was written and FROM WHOM it was sent ...

        To: For.a.prompter.reply.please.fax@If.you.do.not.have.a.fax.smail.is.ok
 (Patricia Eng, President, Association of International Students, Australia-New
 Zealand Chapter)
        From--For.a.prompter.reply.please.fax@If.you.do.not.have.a.fax.smail.is.ok
 (Patricia
         Eng, President, Association of International Students, Australia-New
         Zealand Chapter)

Bogus From and Bogus (identical) To -- so with a 'To' line like the
above, how did I get a copy over here, and how did you get one (if you
did)?

Well this tells us there must have been one or more bcc's ... 'blind
courtesy copy'  or do you say 'carbon copy' like me, the old fart that
I am going back to carbon paper and typewriter days?

Anyway, there is a bcc involved. It is a great way to send out mail to
a huge list of people (or LISTS of people) without any of them knowing
who the others are. I do it all the time with my mailing list to keep
the names on the list from seeing the other names: I send it from
myself to myself with a bcc that has a few thousand names!


        Subject--*** ===>> World's *Cheapest* Way to get USA Magazine Subscriptions
 delivered to
         *any* country (1,500+ USA titles to choose from).

Mercifully, we shall skip most of this tripe; we all know what Janet
Dove and now Patricia Eng have done: recently they joined a magazine
subscription club in the USA.

Janet Dove told us that she was 'a busy student' and would have no
time for replies, so please do not write to her.

Well, unfortunatly for her, a lot of you did write. Flames and more
flames. Obscene letters, hate letters, you name it.  Janet got the
good trashing she deserved. It got so bad the magazine people had
to change their address, phone and fax number.

        ---> PLEASE NOTE THE NEW FAX # AND NEW SMAIL ADDRESS, AS SHOWN BELOW.   TO
        RETURN THE "REQUEST FOR MORE INFO" FORM TO.  THE OLD ADDRESS AND FAX # ARE
        NO LONGER FUNCTIONAL. <---

        You will get a quick reply via email within 1 business day of receipt of
        the info request form below.


This time, they got smart ... but they're not as smart as you, are
they folks?   Grin ... they say, 'our fax machine is set up to only
accept one page, and then disconnect.'

Gee, I wonder why?   Is it because so many of you folks last time
around set your fax up with a mobious loop of paper which went round
and round all night causing Janet's machine to waste all its paper?
They say, "gotcha!  it won't work this time, internet dudes ... this
time we take one sheet of paper only from you ... and we cut you off!"

        ----> IMPORTANT NOTICE FOR THOSE FAXING IN THEIR REPLY:
        (*please* make sure there is *no* cover page and your fax is only 1-page, as
        their fax is set-up to receive only 1-page faxes.  Your fax goes directly onto
        their 4.2 gigabyte computer hard drive, not paper, and  all incoming fax
        calls are set-up to
        be auto-terminated at the start of the 2nd page, in order to allow space for
        everyone's replies to be received.. <----

*** No, what they mean is, 'in order for your hostile reply to not
clog our machine and run us out of paper every few minutes all night
long ... ***    <grin>

So a new approach will be needed.  Read on .....

        Hi fellow 'netters,

        My name is Patricia Eng and I recently started using a magazine
        subscription club in the USA that has a FREE 1 yr. magazine subscription
        deal with your first paid order- and I have been very pleased with them.
        They have over 1,500 different USA titles that they can ship to any country
        on a subscription basis.   As for computer magazines from the USA, they
        more of a selection than I ever knew even existed.  They have magazines for
        most every area of interest in their list of 1,500 titles.


(Several hundred lines deleted; I am sure you are angry with me for
cutting them out ... grin ...)

And guess what!  Patsy Eng is the same way as Janet Dove ... 'just a
happy customer and a busy student' ... no time to answer flames ...
and to make sure she does not have to answer flames, she thoughtfully
screwed up her email address, as we saw above.

        Please do not email me as I am just a happy customer and a *busy* student.
        I don't have time to even complete my thesis in time, let alone run my
        part-time software business!  Please fill out the below form and

                             fax it to them in the USA at:    718-967-1550

        (Fax line is open 24 hrs. per day, 7 days a week, but the *easiest* time
        to get your fax through is Mon-Fri, 9 am - 5 pm EST, due to the least # of
        faxes coming through during those hours.).


We will discuss that phone number in just a minute.

        ----> IMPORTANT NOTICE FOR THOSE FAXING IN THEIR REPLY:
        (*please* make sure there is *no* cover page and your fax is only 1-page, as
        their fax is set-up to receive only 1-page faxes.  Your fax goes directly onto
        their 4.2 gigabyte computer hard drive, not paper, and  all incoming fax
        calls are set-up to
        be auto-terminated at the start of the 2nd page, in order to allow space for
        everyone's replies to be received.. <----


She stresses this again; you see last time the magazine people
unloaded their commode here on the net, many of you responded
vigorously, you damn near wrecked their fax machine ... good!

And they would like you to fax to them during the business day ... not
so much because that is 'when it is slowest and easiest to get through'
but more because that's the time of day when they are there to
monitor what is happening ... naturally, you will want to send
your faxes at night and on weekends .... grin ....

        or smail it to them at the following address:
                                               Magazine Club Inquiry Center
                                               Att. FREE Catalogue-by-email Dept.
                                               PO Box 990
                                               Staten Island NY  10312-0990

We will discuss this post office box in a minute also.


        NOTE:  for the fastest reply, please fax in the below form.  If you do not
        have access to a fax at work or at home, then please send it in by smail
        (airmail).  They will email you their FREE catalogue and complete info on
        how their club works within 1 business day of receiving your form.
        Replying does not mean you are committed to joining, only that you
        are seriously interested in receiving more info by email and then have a
        quick friendly, no obligation phone call made to you to answer your
        questions and explain how they work.

Only a complete FOOL would supply them with any information at all about
themselves or their email address or snail mail address, etc.


        Sorry, but incomplete forms *will not* be acknowledged.  If you do not
        have an email address, or access to one, they will not be able to help you
        until you do have one.  If you saw this message, then you should have one.  :)


*** Snicker ****

      (About a thousand more lines deleted ... I do not intend to
      advertise their magazines for them.)


Now here is where YOU come in ... here are some things YOU can do to
help expose the vermin who, like Slaton, have managed to damn near
wreck Usenet ...

I.  Write postmaster@ppp30.ingress.com (with a copy to)
          postmaster@pm1-41.ixc.net

Text: "Please check your log of outgoing mail for 16:12 on October 21
and see if it is possible to detirmine which user sent the mail with
the above referenced message-ID and give me that name. Thank you."

Once the postmaster responds, see to it the rest of the net gets the
correct user name. Finger the user if possible for more details as
to real name, etc. Naturally, most vermin do not have .plan files in
thier directory, but put together what data you can.


II. That phone number: 718-967-1550. It is a working number in Staten
Island, NY  but it is non-pub. A fax machine is answering. I am running
into dead ends at present finding out any more. I'll keep working on
it, but in the meantime, if you have a fax that is a hundred pages
long, you may need to call them a hundred times and send your fax
page by page. Are there some pictures you want them to see, or a
magazine article?  Maybe they should get copies of other spams like
their own ... but long distance is cheap these days (nights) ... so
if you have to send several to get it all delivered, then do it.
People in the local NY/NJ area may have a lot of faxing they need
to do.    <grin>


III. That box number:  PO Box 990, Staten Island, NY 10312

Send a short polite letter addressed as follows:

         Postmaster
         Staten Island, NY 10312

  ATTN: Lock Box Rental Supervisor

Text:

"Post Office Box 990 is being used for business purposes, to solicit
the public. Therefore, according to postal regulations, I am entitled
to know the name and address of the box holder.

"Please supply me with the name and address of the renter of Box 990,
also a phone number if you have one. Please supply me with the name(s)
of the person(s) authorized to sign for certified/registered mail and
the name(s) of persons authorized to collect mail from the box or who
are in possession of the keys to the box if they are different than
the renter.

"I am enclosing a self addressed stamped envelope for your convenience
in making a speedy reply. If there is a fee for your service, please
advise me. Thank you."

    If you want, just for a little fun, send a cc of the letter
    to the postmaster to the box itself  <grin>  just to let the
    boxholder know inquiries are being made about him.  Nothing
    better than a little paranoia on his part. Naturally you do
    not send him a self addressed stamped envelope. Since he *is*
    running a business box, he will be powerless to stop you from
    inquiring of the postmaster.

IV. Finally, once again in reference to Box 990, you may wish to
send him LOTS of mail ... why not send printouts of his own spams
back to him along with print outs of every other spam you can find.
Naturally, no return address on the envelope, and don't worry if
you short the postage a little .. the post office will tell him to
pick up his mail at the call counter and pay the postage due.
Send a few 'Jesus Saves' tracts, assorted treatises, etc. You are
doing this to follow up on the fax message you sent earlier -- all
five hundred pages of it!

                ---------------------------

Be courteous and polite with postmasters, electronic or otherwise.  It
is not thier fault that they have idiots and con-artists as customers.
Whether it is ingress.com, or the postmaster at Staten Island, they
WILL get the point and understand the purpose of your POLITE inquiry.

                    -----------------------

So ... now please finish your assignment with Jeff, and then begin
this new assignment with the magazine people. Bear in mind the junk
mail spam sent to the magazine people is only until we have more
detailed information about who they are and where they are.

Good luck on your mission!  Keep their mailbox full and their fax
machine humming ... each time a new spam appears, in addition to
cancelling it as soon as possible mitigating its influence, let's
hit them hard in return with as much personal data as we can dig
up.  Should there possibly be a Digest or mailing list devoted to
a 'clearing house' function, identifying the vermin and coordinating
return attacks, etc?

War has been declared!


PAT

------------------------------

Date: Sat, 14 Oct 1995 22:46:26 -0500 (CDT)
From: David Smith <bladex@BGA.COM>
Subject: File 3--(fwd) PSU Student Challenges "Asatru" Email address (fwd)

               ---------- Forwarded message ----------
From--an189240@anon.penet.fi
Date--Thu, 12 Oct 1995 21:17:23 UTC


News:
Portland, Oregon U.S.***

A student has brought a legal challenge in U.S. District Court here
for being required in a public school to associate with or use their
computer Email address containing a religious name from the Asatru
religion.  The school, Portland State University, has named two
mainframe computer machines after "Odin" and "Loki", which are figures
of worship in the Asatru religion. The Oregon State Board of Higher
Education (OSBHE) denied his in-school complaint, saying the names are
generally regarded as mere "myth" and not religion. A letter by
OSBHE's chancellor, Joseph W. Cox, also denies the student's religious
basis for his objection, stating by letter that his personal
"Hebrew-Christian" beliefs do not "rise to this level" "of an official
religion". No harm, no "worship", is involved from mere reading or
typing in the names, he says.

The student, however, claims that "the university overextended its
"Viking" mascot theme into the religious sphere". The names are
associated with a current pagan religion that has many adherents-
Asatru or Odinism. It has been in existence since 1971 in both Iceland
and the U.S. The university is supporting an establishment of this
religion, he claims.  It denied his own Hebrew-Christian religion and
by any required association with this other pagan religion, it has
also "substantially burdened" his own exercise of religion- in the
language of the Religious Freedom Restoration Act of 1993.

The student is also mindful of having to use certain Unix or Pine
system commands which are repugnant to his moral or religious beliefs.
Because his Hebrew-Christian beliefs are to affirm all Life, he
objects to having to use the "k-i-l-l" and "u-n-k-i-l-l" language of
computer commands. In repeated use, it is a subtle form of reinforcing
or conditioning immorality. Reinforcing a "culture of death"- as Pope
John Paul also put it in his recent visit to the U.S.

The case, Hieb v. OSBHE, presents an interesting turnabout: the Asatru
religion may be seen as arising as part of a youth protest movement
against the dominant, state-established Lutheran church in northern
Europe. In Oregon at PSU, the Asatru religion is claimed to be the
state supported religion. The student's Hebrew-Christian religion is a
"back to the Roots" variation of the dominant Christian religion.
Which he says has been very "Greco-Romanized", even "imperialized",
from the original.  So far, he filed the action "pro se" and has no
attorney.

------------------------------

Date: Wed, 18 Oct 95 16:56 EST
From: "AMERICAN EAGLE PUBLICATION INC." <0005847161@MCIMAIL.COM>
Subject: File 4--Giant Black Book of Computer Viruses

For Immediate Release

Perhaps you've heard of The Little Black Book of Computer Viruses. It
was released in 1991 and caused quite a stir in the computing
community because it detailed the operation of four computer viruses,
and included full source code for them in the book so that readers
could put the viruses together and experiment with them.

It has become one of the most highly censored technical books of the
decade, banned by numerous computer magazines, and even the likes of
Soldier of Fortune. It has been the subject of litigation in France
which went clear to the Supreme Court, resulting in an important
precedent for freedom of speech in that country.

Mark Ludwig, author of The Little Black Book, has just come back with
The Giant Black Book of Computer Viruses, and it's sure to cause
another stir in the computing community. At a whopping 672 pages, it
details 37 viruses--everything from a simple 44-byte virus to very
sophisticated viruses designed for Windows and OS/2 as well as a Unix
virus designed to create a new super-user account on the sly, thereby
totally compromising the security of a system. The author also exposes
all of the inside secrets behind polymorphic viruses and genetic
viruses, and argues that anti-virus software may not be able to handle
the threats posed by viruses for very much longer.

Yet the book is not all gloom and doom. Dr. Ludwig also details
various anti-virus measures, and provides the reader with several
anti-virus programs (with full source), discussing how they work to
eradicate viruses, and how viruses sometimes work their way around
such measures. He also discusses so-called "good" viruses, those
programs that combine self-reproduction with a useful function which a
computer user might want. Included in his book is the KOH virus, a
cryptography tool that secures the hard disk when installed.

Responding to charges that he is encouraging the development of new
viruses and causing trouble, Ludwig said that he believes his work
does a lot of good by making solid technical information available to
people who need to know it. "Using a black-box to solve your virus
problems is foolish if you are in a high-level position where
thousands of computers could go down or lives could be at stake. There
is an intelligent programmer out there trying to foil the software you
are using, and you are going to be the guniea pig, not the
manufacturer. You need to take responsibility and rely on your own
intelligence, rather than expecting some so-called expert to do your
job for you, while you sit there not even so sure that this expert is
really that expert--until it's too late. It takes intelligence to
combat intelligence, and I'm not just saying that as some cute little
quip--it's a mathematically proven fact, and I discuss it in the
book."

The Giant Black Book of Computer Viruses is available from American
Eagle Publications, PO Box 1507, Show Low, AZ 85901, (800)719-4957,
for $39.95 + 3.00 postage.

------------------------------

Date: Sun, 18 Oct 1995 22:51:01 CDT
From: CuD Moderators <cudigest@sun.soci.niu.edu>
Subject: File 5--Cu Digest Header Info (unchanged since 18 Oct, 1995)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to  LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CUDIGEST
Send it to  LISTSERV@VMD.CSO.UIUC.EDU
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:  In BELGIUM: Virtual Access BBS:  +32-69-844-019 (ringdown)
         Brussels: STRATOMIC BBS +32-2-5383119 2:291/759@fidonet.org
         In ITALY: ZERO! BBS: +39-11-6507540
         In LUXEMBOURG: ComNet BBS:  +352-466893

  UNITED STATES:  etext.archive.umich.edu (192.131.22.8)  in /pub/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

  JAPAN:          ftp://www.rcac.tdi.co.jp/pub/mirror/CuD

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu:80/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #7.83
************************************