Title : Phrack World News XXVI Part 2
Author : Knight Lightning
==Phrack Inc.==
Volume Three, Issue 26, File 10 of 11
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
PWN PWN
PWN P h r a c k W o r l d N e w s PWN
PWN %%%%%%%%%%% %%%%%%%%% %%%%%%% PWN
PWN Issue XXVI/Part 2 PWN
PWN PWN
PWN April 25, 1989 PWN
PWN PWN
PWN Created, Written, and Edited PWN
PWN by Knight Lightning PWN
PWN PWN
PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN PWN
Reach Out And TAP Someone April 3, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%
Two former employees of Cincinnati Bell, who were fired by the company for
"good cause" according to Cincinnati Bell Chairman Dwight Hibbard are claiming
they installed more than 1200 illegal wiretaps over a 12 year period from 1972
- 1984 at the request of their supervisors at the telco and the local police.
Among the alleged targets of the snooping were past and present members of
Congress, federal judges, scores of the city's most prominent politicians,
business executives, lawyers and media personalities.
Leonard Gates and Robert Draise say they even wiretapped the hotel room where
President Gerald Ford stayed during two visits to Cincinnati; and this part of
their story, at least, has been verified by the now retired security chief at
the hotel.
As more details come out each day, people in Cincinnati are getting a rare look
at a Police Department that apparently spied on itself, and at a grand jury
probe that has prompted one former FBI official to suggest that the Justice
Department seems more interested in discrediting the accusers than in seeking
the truth.
Cincinnati Bell executives says Gates and Draise are just trying to "get even"
with the company for firing them. But disclosures thus far seem to indicate
there is at least some truth in what the two men are saying about the company
they used to work for.
According to Gates and Draise, they were just employees following the orders
given to them by their superiors at Cincinnati Bell. But Dwight Hibbard,
Chairman of the Board of Cincinnati Bell has called them both liars, and said
their only motive is to make trouble for the company.
Cincinnati Bell responded to allegations that the company had specifically
participated in illegal wiretapping by filing a libel suit against Gates and
Draise. The two men responded by filing a countersuit against the telco.
In addition to their suit, four of the people who were allegedly spied on have
filed a class action suit against the telco.
In the latest development, Cincinnati Bell has gone public with (according to
them) just recently discovered sordid details about an extramarital affair by
Gates. A federal grand jury in Cincinnati is now trying to straighten out the
tangled web of charges and countercharges, but so far no indictments have been
returned.
Almost daily, Gates and Draise tell further details about their exploits,
including taps they claim they placed on phones at the Cincinnati Stock
Exchange and the General Electric aircraft engine plant in suburban Evendale.
According to Draise, he began doing these "special assignments" in 1972, when
he was approached by a Cincinnati police officer from that city's clandestine
intelligence unit. The police officer wanted him to tap the lines of black
militants and suspected drug dealers, Draise said.
The police officer assured him the wiretapping would be legal, and that top
executives at the phone company had approved. Draise agreed, and suggested
recruiting Gates, a co-worker to help out. Soon, the two were setting several
wiretaps each week at the request of the Intelligence Unit of the Cincinnati
Police Department.
But by around 1975, the direction and scope of the operation changed, say the
men. The wiretap requests no longer came from the police; instead they came
from James West and Peter Gabor, supervisors in the Security Department at
Cincinnati Bell, who claimed *they were getting the orders from their
superiors*.
And the targets of the spying were no longer criminal elements; instead, Draise
and Gates say they were asked to tap the lines of politicians, business
executives and even the phone of the Chief of Police himself, and the personal
phone lines of some telephone company employees as well.
Draise said he "began to have doubts about the whole thing in 1979" when he was
told to tap the private phone of a newspaper columnist in town. "I told them I
wasn't going to do it anymore," he said in an interview during the week of
April 2, 1989.
Gates kept on doing these things until 1984, and he says he got cold feet late
that year when "the word came down through the grapevine" that he was to tap
the phone lines connected to the computers at General Electric's Evendale
plant. He backed out then, and said to leave him out of it in the future, and
he claims there were hints of retaliation directed at him at that time; threats
to "tell what we know about you..."
When Dwight Hibbard was contacted at his office at Cincinnati Bell and asked to
comment on the allegations of his former employees, he responded that they were
both liars. "The phone company would not do things like that," said Hibbard,
"and those two are both getting sued because they say we do." Hibbard has
refused to answer more specific questions asked by the local press and
government investigators.
In fact, Draise was fired in 1979, shortly after he claims he told his
superiors he would no longer place wiretaps on lines. Shortly after he quit
handling the "special assignments" given to him he was arrested, and charged
with a misdemeanor in connection with one wiretap -- which Draise says he set
for a friend who wanted to spy on his ex-girlfriend. Cincinnati Bell claims
they had nothing to do with his arrest and conviction on that charge; but they
"were forced to fire him" after he pleaded guilty.
Gates was fired in 1986 for insubordination. He claims Cincinnati Bell was
retaliating against him for taking the side of two employees who were suing the
company for sexual harassment; but his firing was upheld in court.
The story first started breaking when Gates and Draise went to see a reporter
at [Mount Washington Press], a small weekly newspaper in the Cincinnati
suburban area. The paper printed the allegations by the men, and angry
responses started coming in almost immediately.
At first, police denied the existence of the Intelligence Unit, let alone that
such an organization would use operatives at Cincinnati Bell to spy on people.
Later, when called before the federal grand jury, and warned against lying,
five retired police officers, including the former chief, took the Fifth
Amendment. Finally last month, the five issued a statement through their
attorney, admitting to 12 illegal wiretaps from 1972 - 1974, and implicated
unnamed operatives at Cincinnati Bell as their contacts to set the taps.
With the ice broken, and the formalities out of the way, others began coming
forward with similar stories. Howard Lucas, the former Director of Security
for Stouffer's Hotel in Cincinnati recalled a 1975 incident in which he stopped
Gates, West and several undercover police officers from going into the hotel's
phone room about a month before the visit by President Ford.
The phone room was kept locked, and employees working there were buzzed in by
someone already inside, recalled Lucas. In addition to the switchboards, the
room contained the wire distribution frames from which phone pairs ran
throughout the hotel. Lucas refused to let the police officers go inside
without a search warrant; and they never did return with one.
But Lucas said two days later he was tipped off by one of the operators to look
in one of the closets there. Lucas said he found a voice activated tape
recorder and "a couple of coils they used to make the tap." He said he told
the Police Department and Cincinnati Bell about his findings, but "...I could
not get anyone to claim it, so I just yanked it all out and threw it in the
dumpster..."
Executives at General Electric were prompted to meet with Draise and Gates
recently to learn the extent of the wiretapping that had been done at the
plant. According to Draise, GE attorney David Kindleberger expressed
astonishment when told the extent of the spying; and he linked it to the
apparent loss of proprietary information to Pratt & Whitney, a competing
manufacturer of aircraft engines.
Now all of a sudden, Kindleberger is clamming up. I wonder who got to him? He
admits meeting with Draise, but says he never discussed Pratt & Whitney or any
competitive situation with Draise. But an attorney who sat in on the meeting
supports Draise's version.
After an initial flurry of press releases denying all allegations of illegal
wiretapping, Cincinnati Bell has become very quiet, and is now unwilling to
discuss the matter at all except to tell anyone who asks that "Draise and Gates
are a couple of liars who want to get even with us..." And now, the telco
suddenly has discovered information about Gates' personal life.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
FBI/Bell Wiretapping Network? April 3, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
[Edited For This Presentation]
Bob Draise/WB8QCF was an employee of Cincinnati Bell Telephone between 1966 and
1979. He, and others, are involved in a wiretapping scandal of monumental
proportions. They say they have installed more than 1,000 wiretaps on the
phones of judges, law enforcement officers, lawyers, television personalities,
newspaper columnists, labor unions, defense contractors, major corporations
(such as Proctor & Gamble and General Electric), politicians (even ex-President
Gerald Ford) at the request of Cincinnati police and Cincinnati Bell security
supervisors who said the taps were for the police. They were told that many of
the taps were for the FBI.
Another radio amateur, Vincent Clark/KB4MIT, a technician for South-Central
Bell from 1972 to 1981, said he placed illegal wiretaps similar to those done
by Bob Draise on orders from his supervisors -- and on request from local
policemen in Louisville, Kentucky.
When asked how he got started in the illegal wiretap business, Bob said that a
friend called and asked him to come down to meet with the Cincinnati police. An
intelligence sergeant asked Bob about wiretapping some Black Muslims. He also
told Bob that Cincinnati Bell security had approved the wiretap -- and that it
was for the FBI. The sergeant pointed to his Masonic ring which Bob also wore
-- in other words, he was telling the truth under the Masonic oath -- something
that Bob put a lot of stock in.
Most of the people first wiretapped were drug or criminal related. Later on,
however, it go out of hand -- and the FBI wanted taps on prominent citizens.
"We started doing people who had money. How this information was used, I
couldn't tell you."
The January 29th "Newsday" said Draise had told investigators that among the
taps he rigged from 1972 to 1979 were several on lines used by Wren Business
Communications, a Bell competitor. It seems that when Wren had arranged an
appointment with a potential customer, they found that Bell had just been there
without being called. Wren's president is a ham radio operator, David
Stoner/K8LMB.
When spoken with, Dave Stoner said the following;
"As far as I am concerned, the initial focus for all of this began
with the FBI. The FBI apparently set up a structure throughout the
United States using apparently the security chiefs of the different
Bell companies. They say that there have been other cases in the
United States like ours in Cincinnati but they have been localized
without the realization of an overall pattern being implicated."
"The things that ties this all together is if you go way back in
history to the Hoover period at the FBI, he apparently got together
with the AT&T security people. There is an organization that I
guess exists to this day with regular meetings of the security
people of the different Bell companies. This meant that the FBI
would be able to target a group of 20 or 30 people that represented
the security points for all of the Bell and AT&T connections in the
United States. I believe the key to all of this goes back to Hoover.
The FBI worked through that group who then created the activity at
the local level as a result of central planning."
"I believe that in spite of the fact that many people have indicated
that this is an early 70's problem -- that there is no disruption to
that work to this day. I am pretty much convinced that it is
continuing. It looks like a large surveillance effort that
Cincinnati was just a part of."
"The federal prosecutor Kathleen Brinkman is in a no-win situation.
If she successfully prosecutes this case she is going to bring
trouble down upon her own Justice Department. She can't
successfully prosecute the case."
About $200 million in lawsuits have already been filed against Cincinnati Bell
and the Police Department. Several members of the police department have taken
the Fifth Amendment before the grand jury rather than answer questions about
their roles in the wiretapping scheme.
Bob Draise/WB8QCF has filed a suit against Cincinnati Bell for $78 for
malicious prosecution and slander in response to a suit filed by Cincinnati
Bell against Bob for defamation. Right after they filed the suit, several
policemen came forward and admitted to doing illegal wiretaps with them. The
Cincinnati police said they stopped this is 1974 -- although another policeman
reportedly said they actually stopped the wiretapping in 1986.
Now the CBS-TV program "60 Minutes" is interested in the Cincinnati goings-on
and has sent in a team of investigative reporters. Ed Bradley from "60
Minutes" has already interviewed Bob Draise/WB8QCF and it is expected that
sometime during this month (April) April, we will see a "60 Minutes" report on
spying by the FBI. We also understand that CNN, Ted Turner's Cable News
Network, is also working up a "Bugging of America" expose.
_______________________________________________________________________________
Crackdown On Hackers Urged April 9, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%
Taken From the Chicago Tribune (Section 7, Page 12b)
"Make Punishment Fit The Crime," computer leaders say.
DALLAS (AP) -- The legal system has failed to respond adequately to the threat
that hackers pose to the computer networks crucial to corporate America, a
computer expert says.
Many computer hackers "are given slaps on the wrist," Mark Leary, a senior
analyst with International Data Corp., said at a roundtable discussion last
week.
"The justice system has to step up...to the fact that these people are
malicious and are criminals and are robbing banks just as much as if they
walked up with a shotgun," he said.
Other panelists complained that hackers, because of their ability to break into
computer systems, even are given jobs, sometimes a security consultants.
The experts spoke at a roundtable sponsored by Network World magazine, a
publication for computer network users and managers.
Computer networks have become crucial to business, from transferring and
compiling information to overseeing and running manufacturing processes.
The public also is increasingly exposed to networks through such devices as
automatic teller machines at banks, airline reservation systems and computers
that store billing information.
Companies became more willing to spend money on computer security after last
year's celebrated invasion of a nationwide network by a virus allegedly
unleased by a graduate student [Robert Tappen Morris], the experts said.
"The incident caused us to reassess the priorities with which we look at
certain threats," said Dennis Steinaur, manager of the computer security
management group of the National Institute of Standards and Technology.
But computer security isn't only a matter of guarding against unauthorized
entry, said Max Hopper, senior vice president for information systems as
American Airlines.
Hopper said American has built a "a Cheyenne mountain-type" installation for
its computer systems to guard against a variety of problems, including
electrical failure and natural disaster. Referring to the Defense Department's
underground nerve center in a Colorado mountain, he said American's precautions
even include a three-day supply of food.
"We've done everything we can, we think, to protect the total environment,"
Hopper said.
Hopper and Steinaur said that despite the high-tech image of computer
terrorism, it remains an administrative problem that should be approached as a
routine management issue.
But the experts agreed that the greatest danger to computer networks does not
come from outside hackers. Instead, they said, the biggest threat is from
disgruntled employees or others whose original access to systems was
legitimate.
Though employee screening is useful, Steinaur said, it is more important to
build into computer systems ways to track unauthorized use and to publicize
that hacking can be traced.
Steinaur said growing computer literacy, plus the activities of some
non-malicious hackers, help security managers in some respects.
Expanded knowledge "forces us as security managers not be dependent on
ignorance," Steinaur said.
"Security needs to be a part of the system, rather than a 'nuisance addition,'"
Steinaur said, "and we probably have not done a very good job of making
management realize that security is an integral part of the system."
IDC's Leary said the organization surveys of Fortune 1000 companies
surprisingly found a significant number of companies were doing little to
protect their systems.
The discussion, the first of three planned by Network World, was held because
computer sabotage "is a real problem that people aren't aware of," said editor
John Gallant. Many business people sophisticated networks."
It also is a problem that many industry vendors are reluctant to address, he
said, because it raises questions about a company's reliability.
Typed For PWN by Hatchet Molly
_______________________________________________________________________________
Ex-Worker Charged In Virus Case -- Databases Were Alleged Target Apr 12, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
by Jane M. Von Bergen (Philadelphia Inquirer)
A former employee was charged yesterday with infecting his company's computer
database in what is believed to be the first computer-virus arrest in the
Philadelphia area.
"We believe he was doing this as an act of revenge," said Camden County
Assistant Prosecutor Norman Muhlbaier said yesterday, commenting on a motive
for the employee who allegedly installed a program to erase databases at his
former company, Datacomp Corp. in Voorhees, New Jersey.
Chris Young, 21, of the 2000 block of Liberty Street, Trenton, was charged in
Camden County with one count of computer theft by altering a database.
Superior Court Judge E. Stevenson Fluharty released Young on his promise to pay
$10,000 if he failed to appear in court. If convicted, Young faces a 10-year
prison term and a $100,000 fine. Young could not be reached for comment.
"No damage was done," Muhlbaier said, because the company discovered the virus
before it could cause harm. Had the virus gone into effect, it could have
damaged databases worth several hundred thousand dollars, Muhlbaier said.
Datacomp Corp., in the Echelon Mall, is involved in telephone marketing. The
company, which has between 30 and 35 employees, had a contract with a major
telephone company to verify the contents of its white pages and try to sell
bold-faced or other special listings in the white pages, a Datacomp company
spokeswoman said. The database Young is accused of trying to destroy is the
list of names from the phone company, she said.
Muhlbaier said that the day Young resigned from the company, October 7, 1988 he
used fictitious passwords to obtain entry into the company computer,
programming the virus to begin its destruction December 7, 1988 -- Pearl Harbor
Day. Young, who had worked for the company on and off for two years -- most
recently as a supervisor -- was disgruntled because he had received some
unfavorable job-performance reviews, the prosecutor said.
Eventually, operators at the company picked up glitches in the computer system.
A programmer, called in to straighten out the mess, noticed that the program
had been altered and discovered the data-destroying virus, Muhlbaier said.
"What Mr. Young did not know was that the computer system has a lot of security
features so they could track it back to a particular date, time and terminal,"
Muhlbaier said. "We were able to ... prove that he was at that terminal."
Young's virus, Muhlbaier said, is the type known as a "time bomb" because it is
programmed to go off at a specific time. In this case, the database would have
been sickened the first time someone switched on a computer December 7, he said
Norma Kraus, a vice president of Datacomp's parent company, Volt Information
Sciences Inc, said yesterday that the company's potential loss included not
only the databases, but also the time it took to find and cure the virus. "All
the work has to stop," causing delivery backups on contracts, she said. "We're
just fortunate that we have employees who can determine what's wrong and then
have the interest to do something. In this case, the employee didn't stop at
fixing the system, but continued on to determine what the problem was." The
Volt company, based in New York, does $500 million worth of business a year
with such services as telephone marketing, data processing and technical
support. It also arranges temporary workers, particularly in the
data-processing field, and installs telecommunication services, Kraus said.
_______________________________________________________________________________
Mexico's Phone System Going Private? April 17, 1989
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
By Oryan QUEST (Special Hispanic Corespondent)
The Mexico Telephone Company, aka Telefonos de Mexico, aka Telmex, is likely to
go private in the next year or two. The Mexican government is giving serious
consideration to selling its controlling interest in that nation's
communications network, despite very stiff opposition from the local unions
which would prefer to see the existing bureaucracy stay in place.
The proposed sale, which is part of a move to upgrade the phone system there --
and it *does* need upgrading -- by allowing more private investment, is part of
a growing trend in Mexico to privatize heretofore nationalized industries.
The Mexico Telephone Company has spent more than a year planning a $14 billion,
five-year restructuring plan which will probably give AT&T and the Bell
regional holding companies a role in the improvements.
One plan being discussed by the Mexican government is a complete break-up of
Telmex, similar to the court-ordered divestiture of AT&T a few years ago.
Under this plan, there would be one central long distance company in Mexico,
with the government retaining control of it, but privately owned regional firms
providing local and auxiliary services.
Representatives of the Mexican government have talked on more than one
occasion with some folks at Southwestern Bell about making a formal proposal.
Likewise, Pacific Bell has been making some overtures to the Mexicans. It will
be interesting to see what develops.
About two years ago, Teleconnect Magazine, in a humorous article on the
divestiture, presented a bogus map of the territories assigned to each BOC,
with Texas, New Mexico and Arizona grouped under an entity called "Taco Bell."
Any phone company which takes over the Mexican system will be an improvement
over the current operation, which has been slowly deteriorating for several
years.
PS: I *Demand* To Be Let Back On MSP!
_______________________________________________________________________________