Computer underground Digest Wed Mar 30, 1994 Volume 6 : Issue 28 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe (He's Baaaack) Acting Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Suspercollater: Shrdlu Nooseman CONTENTS, #6.28 (Mar 30, 1994) File 1--Downs Down On Clipper File 2--Reply to "Clipper Paranoia" (CuD #6.26) File 3--Gov't Regulation of BBSes in Australia File 4--Hacking (Broken) Hearts File 5--"Reality Bites" (Superhighway revisited) File 6--Research on MUDS (MA Thesis) File 7--Virus Sightings (humor) File 8--ScratchPad 2.0 (Info source) File 9--How Clipper Actually Works Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 FTP: UNITED STATES: etext.archive.umich.edu (141.211.164.18) in /pub/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) nic.funet.fi ftp.warwick.ac.uk in pub/cud/ (United Kingdom) COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Sun, 27 Mar 94 17:35:00 -0700 From: walter.scott@HOTLINE.COM(Walter Scott) Subject: File 1--Downs Down On Clipper The Clipper Chip proposal from the Clinton Administration -- which would essentially have government broker individual electronic privacy rights -- is collecting still more opposition. One of the most recent opponents to Clipper is media icon Hugh Downs. Downs is well known for his days as a co-host of the Today Show, host of the game show Concentration, and his current position as co-host of ABC-TV's 20/20. Downs is also a respected advocate for "mature" adults. Downs delivered his "perspective" as to Clipper on the 03-27-94 edition of ABC radio's "PERSPECTIVES." In Downs' segment, much cryptography history -- as it relates to radio -- was explained while Downs laid the foundation for expression of his opinion on Clipper. The following text is a direct transcript of Downs' summation: ------------- TRANSCRIPT BEGINS ------------------------ It's not designed to stop criminals from sending encrypted messages because criminals will always be able to do that. If the NATIONAL SECURITY AGENCY puts a spy chip on American computers, then the criminals will simply avoid the chip and use other computers that don't spy on them. But, it wouldn't be just criminals who would buy foreign made computers. Anyone who wants a private life would have to buy foreign, too. According to John Perry Barlow, who's co-founder and Vice-chair of the Electronic Frontier Foundation, Vice President Gore says he wants the Clipper Chip installed in all American-made computers designed for export. Now, you don't have to be a computer whiz to realize that -- if American computers were forced to have a spy chip built into them -- then fewer people would buy American computers. The computer owes an enormous debt to cryptologists because cryptologists needed machines to disguise radio messages. The information highway is certainly as wide open as radio. Indeed, much of it is already radio. Cellular phones and cellular FAX will quickly expand to cellular modem and satellite communications. As it is, most of this information goes out unprotected. The time has arrived for individuals to have high levels of security. The information superhighway will eventually contain every scrap of information we could possibly imagine. And that means there will be all sorts of unscrupulous people out there trying to hack into our lives. Information-highwaymen are bad enough when they're fourteen years old. But now, adults -- who work for the government -- want to play hacker, too. The Clipper spy chip is bad business for everyone. Information-highway-safety should be a top priority for all of us. ------------ TRANSCRIPT ENDS -------------------- The Hotline/Seattle ~ (206) 450-0948 ------------------------------ Date: Tue, 22 Mar 1994 15:47:00 GMT From: chris.hind@MAVERICKBBS.COM(Chris Hind) Subject: File 2--Reply to "Clipper Paranoia" (CuD #6.26) This is my reply to: shadow@VORTEX.ITHACA.NY.US(bruce edwards) Subject--Opposing Clipper is "paranoia" with good Reason (Cu Digest, #6.26) >Its existence will make no difference at all. The very smart ones >may use PGP or something else, and again, clipper will be meaningless. We could easily build it into the net, making it impossible for the government to stop us. Sound like a good plan? >Because it will probably prove constitutionally impossible >to outlaw widespread private encryption -- something big brother finds >hard to swallow -- the clipper/encryption push seems to me to be about >another kettle of sharks. Completely true, encryption cannot be outlawed. The government is ripping itself off by giving us powerful encryption for personal use. But for the dark personal secrets, are we really gonna use the clip chip? Not me! I'll use PGP or something else. Criminals aren't going to use the chip unless they're really ignorant or blatantly idiotic. So the government is really spending lots of money to making our lines more secure from illegal phone tappers and such but not doing a thing for them. I believe we're getting the better part of the deal! Do they really want to listen in on phone calls to our relatives? I don't think so. I promote the Clipper Chip! Thanks for the free gift! T> In my opinion (and this I am sure is obvious to most everyone) the >encryption, bugging-port, e-mail reading agenda pursued by government >is no more than the first icy finger of the Empire, encircling the >throat of cyberspace. A little dramatic here? They might win the battle but they haven't won the war. The final battle will be when we establish a global Interactive Television system. Then it will pit the public against the US government and the allies it has in this dispute (if any). Nobody wants a video camera normally used for video conferencing to be watching them in their own living room without them even knowing it. By this time, people will know a lot more about this scheme and most likely the public will win this battle unless the majority of the population is as ignorant as a two year old child to the world around them. ------------------------------ Date: Tue, 29 Mar 1994 14:35:32 +1000 (EST) From: Mr Rhys Weatherley Subject: File 3--Gov't Regulation of BBSes in Australia Well, it's finally on. The Australian government has announced a task force that is to develop options for regulating BBS'es here in Oz. Attached is the call for submissions which was posted to the aus.* newsgroups by Tom Worthington of the Australian Computer Society (ACS). Tom has given me permission to re-post it here. Comments can be posted to CuD, or sent to Roger Clarke who is preparing the ACS's submission, or sent to me for my submission. Roger's e-mail address is roger.clarke@anu.edu.au and mine is rhys@fit.qut.edu.au. As odious as the prospect of BBS regulations are, there's not much that can be done except ensure that the regulations address the concerns of the net population rather than being railroaded through. I for one am adamant that any regulations have built-in protections for the network community alongside any control measures. Maybe we can get the much-needed "common carrier" like protections if it is worded carefully in the submissions. I must say that I'm not surprised at this move by the government, given the recent stories with the usual bogey-men of "computer porn" and "information about making bombs" that the traditional media have been reporting. Computer games were recently placed under the Australian censorship scheme, and BBS'es were the next down the list. *sigh* Any assistance would be greatly appreciated. Any ideas, no matter how radical are welcome: I'll take care of toning them down from the setting of "foaming-at-the-mouth lunatic" to just plain "lunatic". :-) Once I have a draft, I'll be sure to post it to CuD for comments before hitting the Australian government with it. The deadline for submissions is 29 April 1994. Cheers, Rhys. >From: tomw@ccadfa.cc.adfa.oz.au (Tom Worthington) >Subject--Regulation of computer bulletin boards call for submissions >Message-ID: <1994Mar21.032645.16795@sserve.cc.adfa.oz.au> >Summary: Australian Attorney-General investigating BBS regulations >Organization: Australian Defence Force Academy, Canberra, Australia >Date: Mon, 21 Mar 1994 03:26:45 GMT ATTORNEY-GENERAL'S DEPARTMENT Call for submissions on the regulation of computer bulletin boards The Attorney-General and the Minister for Communications and the Arts have established a joint Task Force to develop options for the regulation of computer bulletin hoards. SUBMISSIONS The Task Force invites submissions from members of the public on options for the regulation of computer bulletin board systems. Submissions may include comments on the feasibility of a Code of Practice governing the use of bulletin board systems. TERMS OF REFERENCE The Task Force is to consider alternatives for developing a regulatory system that would: * allow bulletin board users, parents and guardians to make informed entertainment choices for themselves and those in their care: and * provide adequate protection to children from material that mi~ht be considered harmful or disturbing. The Task Force is also to assess whether: * existing Commonwealth offences covering the misuse of computers and telecommunications services are adequate to deal with bulletin board abuse; * import/export restrictions are capable of controlling the international trafficking and subsequent copying and distribution of otherwise banned material; * State and Territory laws such as those dealing with the misuse of computers and possession of child pornography are adequate to deal with bulletin boards; * current law enforcement powers are adequate to deal with the new technology; and * specific offences should be enacted for the use of bulletin boards for unlawful purposes. For further information contact the Criminal Law Branch on (06) 250 6459. Submissions can he sent to: Bulletin Boards Taskforce Criminal Law Branch Attorney-General's Department Robert Garran Offices BARTON ACT 2600 Or via The Internet address: bbs.taskforce@ag.ausgovag.telememo.au Or via the X.400 address: G=BBS,S=Taskforce,O=AG,PRMD=AUSGOVAG,ADMD=TELEMEMO,C=AU Closing date: The closing date for submissions is Friday 29 April 1994 ------------------- Posted by Tom Worthington , Director of the Community Affairs Board, Australian Computer Society Inc. Fax: +61 6 2496419, as a public service. Please address enquiries and submissions to the Taskforce's e-mail address 21 March 1994 ABOUT THE ACS: The Australian Computer Society is the professional association in Australia for those in the computing and information technology fields. Established in 1966, the ACS has over 14,000 members and on a per capita basis is one of the largest computer societies in the world. Activities are announced in the Usenet newsgroup "aus.org.acs". Information is available via e-mail from info@acs.org.au or Gopher at URL: gopher://acs-gopher.mit.csu.edu.au:1605/11/acs courtesy of Charles Sturt University. ------------------------------ Date: Mon, 28 Mar 1994 19"32:01 EST From: CuD Moderators Subject: File 4--Hacking (Broken) Hearts ((First The Well's "Cyber-Lothario" and now this--ah, true love ain't easy)) "Cops Say Love Claims are Off-line" From: Chicago Tribune, March 25, 1994 (Sect 2, p. 6) The trail of a computer love bandit who used on-line services to lure wealthy women into romantic relationships only to swindle them and break their hearts has ended in Park Forest (Ill.), police said Thursday. The article explains that Conrad Grohs, 41, was served with warrants, including one for bigamy, from three states, after a Pennsylvania woman reported her suspicions to authorities. Printouts of correspondence from Groh's computer on-line ruse tipped her off, Park Forest Detective Patrick Fitzgerald said. "He was corresponding with a recently divorced woman whose ex-husband had come into several million dollars," Fitzgerald said. "He wanted her to go aftr it. Of course, he was going to be waiting in the wings to relieve her of it. The article adds that Grohs met the Pennsylvania woman through an electronic BBS. She invited him to stay with her in Park Forest at her parent's home. He claimed to be writing a book. He was held in Cook County Jail while authorities continued their investigation. ------------------------------ Date: 27 Mar 94 19:37:25 EST From: Mr. Badger Subject: File 5--"Reality Bites" (Superhighway revisited) ((MODERATORS' NOTE: The following comes from CRYPT NEWS LETTER, available from Urnst Couch at: 70743.1711@COMPUSERVE.COM)). REALITY BITES, BUT IT BEATS THE HELL OUT OF OTHER PEOPLE'S PIPE DREAMS by Mr. Badger (Andy Lopez), mrbadger@ttps.lakes.trenton.sc.us. Cracks in the glistening tarmac of the Information Superhighway are appearing. You wouldn't know it from reading the euphoric delusions of the techno-journalists, who as a class excel at two things: swallowing corporate manure and shoveling it into others. Again, I say ignore the pipe-dreamers with their grand visions of virtual reality, virtual communities, virtual sex. It's virtual sewage. The clash between reality and the Information Superhighway image will be brutal, but prolonged. Brutal, because reality has all the tact, diplomacy, and professionalism of the Bureau of Alcohol, Tobacco, and Firearms. Prolonged, because dreams won't die easily and delusions never surrender. The ignorant and the stupid will see their crazed leaders speak of glorious counterattacks even as they are shelled from the west and looted by the east. When the smoke has cleared, they'll be left with an empty shell, a fiction so transparent and fake that only intellectual cripples and those who've thrown away large investments will still be convinced there's substance to it. First of this month's flaws in the Information Highway Weltanschauung, Barron's (March 14, 1994) front page, asks: "STILL GOING? In all the rhapsodizing about the telecommunications revolution one fact has been sadly overlooked: Nobody has come up with a portable battery that last more than a few hours. For users of laptop PCs and cellular phones, when will the frustration end?" The story starts with a couple of anecdotes that illustrate the obvious problems with batteries: they don't last long enough, it's inconvenient to carry extras, and battery chargers tie the consumer back into plug-in power. The story ends with a summary of future options: pay more, carry heavier batteries, take chances on unproven technology, and ho-hum brrrr-zzzzzzz. Sorry, if we're not enthusiastic, but that hardly seems like a solution. Further, it's not news. On other fronts, the Economist (February 26, 1994) notes the much vaunted, state-supported, Japanese high definition television (HDTV) standard is deader than the albatross in "The Rhyme of the Ancient Mariner". Now analysts are expecting the newly created American standard to be adopted by both Europe and Japan. True, the Japanese standard was analogue, but that hardly explains why, after two years of HDTV broadcasts, only 20,000 sets have sold. The Economist chalks that up to the outrageous cost of HDTV units, and ends with a quote that serves as warning to industrialists betting on a high-tech, home-based interface to electronic services. "Will viewers pay big sums simply for sharper pictures? The jury is out. But the only person better at killing off a technology than a well-intentioned regulator is a commonsense consumer." In other words, don't bet the farm that the information highway is going to be high-tech, either. More ominous, Newsweek is starting to doubt. Seeing Newsweek question the glorious future of all that is digital is like seeing the town whore filling out correspondence Bible courses from the Church Universal and Triumphant. You can't help but be impressed at the change, nor can you resist making mental bets on how long it will last (not long at all, in this case). "Sex on the Info Highway" was almost good, but by March 14 the magazine was back on the trail of digital piffle with "Keeping the Cybercops out of Cyberspace." One quote in the "Sex" piece almost earned the Badger seal of approval, but almost only counts in horseshoes and quoits, which - I might add - I detest. It read: "The quality of much cyberporn varies from low to dreadful. While the idea of electronic dirty talk may seem titillating, the reality is often pathetic--or worse, boring. A lot of the time, participants discuss techniques. The tone isn't all that different from that of computer forums on auto repair; only the tools vary. Downloading X-rated pictures takes time and concentration; users need a special program to translate digital blips into flesh-and-blood tones. Often, the amateurish results aren't worth the effort. Even many professionally produced products, such as CD-ROMs, are little more than dirty movies copied onto a disc. Because CD drives are slower than VCRs, the viewer sees nothing more than a series of jerky images." "Downloading takes . . . concentration . . . " My ass. It's such a frankly idiotic claim it must have been the product of the writing-by-committee techniques which makes Newsweek such a wretched example of contemporary journalism. However, the rest finally showed some common sense: 1. Computers are an awful medium for pornography, period, and 2. Pornography ain't exactly the most demanding of arts, either. "Keeping the Cybercops Out of Cyberspace," however, was little more than a glorified press release for the Clipper encryption chip and the FBI's Wiretapping proposals. Starting with an account of how Aldrich Ames, the recently caught spy, did _not_ use encryption, "Cybercops" went on to point out that present cryptologic techniques may be uncrackable by government agencies. It's assessment of the Clipper chip and the Justice Department proposals that all switching systems accommodate FBI wiretapping gear: "Sounds sensible, but the plan has civil-liberties folk in an uproar." The article then blithely dismisses privacy advocates with the fatherly, know-it-all claim: "The concern is understandable but overblown." As proof, it offers: "'Enforcement agencies simply don't have the time to monitor all these things,' says John O'Leary at the Computer Security Institute, a public-interest group in San Francisco. The Feds won't barge through your back door unless they suspect a crime, and then only with a court order." Tell it to Steve Jackson Games and the Branch Davidians in Waco, brainless sewer rats. It's not particularly surprising, but still quite dumbfounding, that editors of Newsweek practiced selective recall of recent history when researching this piece. It's true that the authorities won't catch everybody, but that's cold consolation when you're on the ground taking a billyclub to the kidneys or having all your equipment forfeited during a raid for which the paperwork will later be declared invalid. And what happened to the concept that the government ought to keep a jump ahead of enemies by hard work and sheer brain power? When did we concede that all evil-doers have de facto technical superiority? The final insult is the article's assessment of the business costs and pragmatism of instituting the Clipper chip: "Few of the more pragmatic critics propose scrapping the Clipper. Instead they suggest ways of restricting the number of federal officials who might have access to the master keys." How's that Information Superhighway sounding now? Mr. Badger warns of the dire consequences of letting techno-journalists live. As usual, we're betrayed by mainstream news organs that subsconsciously believe the "CO" in community derives from "military industrial COmplex" or "big COrporation." Merciful use of Pentobarbital Sodium is warranted. Even People for the Ethical Treatment of Animals won't squeak. ------------------------------ Date: Tue, 22 Mar 1994 16:39:49: EST From: CuD Moderators Subject: File 6--Research on MUDS (MA Thesis) Elizabeth Reid has completed her MA thesis on MUDS (University of Melbourne, Dept. of English, 1994), which we recommend to readers (when it becomes available). Her previous analysis of Inter-Relay Chat has been widely distributed and excerpted (the original IRC paper is available on the CuD ftp sites). Her latest work should be valuable to researchers, journalists, and others, and nicely supplements Julian Dibbel's recent article on "Rape in Cyberspace." Ms. Reid's work is valuable for several reasons. Substantively, it reflects an impressive breadth of substantive and conceptual/theoretical knowledge that brings together a rich body of data into a coherent framework. Intellectually, she bridges several disciplines, especially sociology, communications studies, and anthropology and ties them together in a sophisticated analysis of what has become known as "cyber-culture." Thematically, her work is a significant contribution to scholars internationally, because she fills a vacuum in our understanding of her chosen topic, MUDS, as well adds insights into computer-mediated communication. One theme central to Ms. Reid's work is that of gender power and how it is created and sustained, even playfully, in MUDS. Emergent new MUD norms partially mediate conventional gender and other power games, which may lead some to believe in the potential for a more equal playing field. As Ms. Reid suggests, this is not necessarily the case. We will try to make Ms. Reid's work available when it is converted into ASCII format. Those wanting additional information can contact her directly at: emr%munagin.ee.mu.oz.au@uunet.uu.net ------------------------------ Date: Sun Mar 6 00:27:57 1994 From: LFARNUM%smtpgate@CHLAIS.USC.EDU Subject: File 7--Virus Sightings (humor) We've been having some famous virus sitings here, just as a response to the folks who have the virus contest. We're trying to encourage the use of virus scanning software on PC's...here are some examples of what we're trying to detect and prevent! ***** BOBBIT VIRUS: Removes a vital part of your hard disk then re- attaches it. (But that part will never work again.) OPRAH WINFREY VIRUS: Your 200MB hard drive suddenly shrinks to 80MB, and then slowly expands back to 200MB. AT&T VIRUS: Every three minutes it tells you what great service you are getting. MCI VIRUS: Every three minutes it reminds you that you're paying too much for the AT&T virus. PAUL REVERE VIRUS: This revolutionary virus does not horse around. It warns you of impending hard disk attack---once if by LAN, twice if by C:>. POLITICALLY CORRECT VIRUS: Never calls itself a "virus", but instead refers to itself as an "electronic microorganism." RIGHT TO LIFE VIRUS: Won't allow you to delete a file, regardless of how old it is. If you attempt to erase a file, it requires you to first see a counselor about possible alternatives. ROSS PEROT VIRUS: Activates every component in your system, just before the whole damn thing quits. MARIO CUOMO VIRUS: It would be a great virus, but it refuses to run. TED TURNER VIRUS: Colorizes your monochrome monitor. ARNOLD SCHWARZENEGGER VIRUS: Terminates and stays resident. It'll be back. DAN QUAYLE VIRUS: Prevents your system from spawning any child process without joining into a binary network. DAN QUAYLE VIRUS #2: Their is sumthing rong wit your komputer, ewe jsut cant figyour out watt! GOVERNMENT ECONOMIST VIRUS: Nothing works, but all your diagnostic software says everything is fine. NEW WORLD ORDER VIRUS: Probably harmless, but it makes a lot of people really mad just thinking about it. FEDERAL BUREAUCRAT VIRUS: Divides your hard disk into hundreds of little units, each of which does practically nothing, but all of which claim to be the most important part of your computer. GALLUP VIRUS: Sixty percent of the PCs infected will lose 38 percent of their data 14 percent of the time. (plus or minus a 3.5 percent margin of error.) TERRY RANDLE VIRUS: Prints "Oh no you don't" whenever you choose "Abort" from the "Abort" "Retry" "Fail" message. TEXAS VIRUS: Makes sure that it's bigger than any other file. ADAM AND EVE VIRUS: Takes a couple of bytes out of your Apple. CONGRESSIONAL VIRUS: The computer locks up, screen splits erratically with a message appearing on each half blaming the other side for the problem. AIRLINE VIRUS: You're in Dallas, but your data is in Singapore. FREUDIAN VIRUS: Your computer becomes obsessed with marrying its own motherboard. PBS VIRUS: Your programs stop every few minutes to ask for money. ELVIS VIRUS: Your computer gets fat, slow and lazy, then self destructs; only to resurface at shopping malls and service stations across rural America. OLLIE NORTH VIRUS: Causes your printer to become a paper shredder. NIKE VIRUS: Just does it. SEARS VIRUS: Your data won't appear unless you buy new cables, power supply and a set of shocks. JIMMY HOFFA VIRUS: Your programs can never be found again. CONGRESSIONAL VIRUS #2: Runs every program on the hard drive simultaneously, but doesn't allow the user to accomplish anything. KEVORKIAN VIRUS: Helps your computer shut down as an act of mercy. IMELDA MARCOS VIRUS: Sings you a song (slightly off key) on boot up, then subtracts money from your Quicken account and spends it all on expensive shoes it purchases through Prodigy. STAR TREK VIRUS: Invades your system in places where no virus has gone before. HEALTH CARE VIRUS: Tests your system for a day, finds nothing wrong, and sends you a bill for $4,500. GEORGE BUSH VIRUS: It starts by boldly stating, "Read my docs....No new files!" on the screen. It proceeds to fill up all the free space on your hard drive with new files, then blames it on the Congressional Virus. CLEVELAND INDIANS VIRUS: Makes your 486/50 machine perform like a 286/AT. LAPD VIRUS: It claims it feels threatened by the other files on your PC and erases them in "self defense". CHICAGO CUBS VIRUS: Your PC makes frequent mistakes and comes in last in the reviews, but you still love it. ORAL ROBERTS VIRUS - Claims that if you don't send it a million dollars, it's programmer will take it back. Use your virus scan. Don't let any of these viruses happen to your PC! ------------------------------ Date: 15 Mar 94 20:38:45 GMT From: dbatterson@ATTMAIL.COM(David Batterson) Subject: File 8--ScratchPad 2.0 (Info source) ((MODERATORS' NOTE: We'll periodically try to include an occasional piece on new products, software, or other resources that readers might not otherwise see. We thank David Batterson for his excellent summaries of some of these products)). ScratchPad 2.0 Lets Chiropractors Use EOs for Notetaking by David Batterson RIVER RIDGE, LOUISIANA--Greycat, Inc. has released ScratchPad 2.0, the latest version of its chiropractic exam forms software for the AT&T EO Personal Communicators. Using ScratchPad, the D.C. can conduct patient exams and take notes--without a bar code system, desktop PC, or paper and pen. Since today's healthcare environment has meant an avalanche of paperwork to manage, most doctors and healthcare professionals are searching for ways to eliminate much of the paper while finding more efficient ways to manage patient data. In conjunction with the EO's PenPoint operating system, ScratchPad turns handwriting or print into screen text. Also, shorthand notations can be transcribed into full- length sentences. With ScratchPad and an EO 440 or 880 Personal Communicator, the doctor has a hand-held method for managing all SOAP (Subjective Objective Assessment Plan)/clinic notes. To locate a patient's folder and review prior visits, the doctor writes in the patient's last name or identification number, and taps with the pen. John Gambale, senior design specialist at Greycat, said they are now working on a new ScratchPad module called a narrative generation package. This is used "for lawsuits and other legal purposes," Gambale said, "where a doctor has to provide a summary of daily notes." The new module is planned for a "late summer" release, according to Gambale. On the back burner is a new ScratchPad for general practitioner medical doctors. Gambale said they hoped to have it launched by the end of 1994. Bart Bishop, D.C., a chiropractor in Whittier, Calif., said that the ScratchPad system was a real money-saver for his practice. "Previously," Dr. Bishop said, "I was spending about $4000 a year in transcriptions. Now I've cut it down to around $1,100 per year." Dr. Bishop said he does very little handwriting input, relying mostly on just tapping on boxes with the EO pen. The doctor said he previously tried the bar code method of note-taking, but said "it just didn't work out for us. It was too slow to use, and you couldn't see what you were inputting." ScratchPad 2.0 costs $1,495. Gambale said that virtually all customers buy the $350/year support contract, which includes 90-day, 800-number support, and all software upgrades. For information, contact Greycat, Inc., at 800-828-2250. ### America Online is Electronic Zone for Many Gays and Lesbians by David Batterson VIENNA, VIRGINIA--America Online (AOL), which calls itself "the nation's fastest growing provider of online services to consumers in the U.S.," has succeeded in marketing to one particular niche market: gay and lesbian computer users. While AOL doesn't yet have gay publications online, there are many articles that cover the gay/lesbian/bisexual/transgender community. Those are located in the Gay and Lesbian Community Forum (GLCF) Resource Files, as well as in online publications like the San Jose Mercury News, Chicago Tribune, The New Republic and USA TODAY. AOL has a staff of over 50 in the GLCF. There are many community conferences and events, guest speakers, support groups, media groups (GLADD, NGLTF, NGLJA, etc.), as well as a file library of thousands of informational and graphics files. Besides the GLCF, there are other areas on AOL where there are gay/lesbian topics, discussions, networking and information. For example, under the Learning & Reference section [keyword: EDUCATION], there are folders labeled Gay and Lesbian Youth. Under the Better Health & Medical Forum [keyword: HEALTH], users find folders labeled AIDS Support Group and Message Center. Microsoft billionaire Paul Allen now owns 25 percent of the company's stock. AOL continues to expand both membership and services; it now claims more than 650,000 members. AOL's monthly rate is $9.95 for the first five hours of online usage; additional time is billed at $3.50 per hour. There's no surcharge for prime time and 9600-bps access. AOL offers a freetrial membership that includes free software (DOS, Windows or Macintosh) and 10 hours of online time. Info: 800-827-6364. ------------------------------ Date: Wed, 30 Mar 94 13:24:38 PST From: dave@PCE1.HAC.COM(Dave Fandel) Subject: File 9--How Clipper Actually Works In all the anti-Clipper flaming that has been occuring I haven't seen anything about how Clipper actually works. I generated the following based on a lecture in a secure computer systems class I am taking. +---------------------------------------------------- Clipper Operations: Chip +----------------+ | | Message (M) -->| Algorithm (E) |--> Encrypted Message (B) = E [M] | Chip ID (ID) | K | Chip Key (U) | User Key (K) -->| Family Key (F) |--> Encrypted ID and Key (A) = | | E [ID | E [K]] +----------------+ F U Note: E [Q] means Encrypt Q with key R R +----------------------------------------------------------- The User Key is a session key that is generated by the two ends in the following manner: Side A Side B Generate a, X Generate Y a, X and Y are random # Send a and a^X ------> Receive a and a^X <------ Send a^Y Receive a^Y Generate K=(a^Y)^X Generate K=(a^X)^Y ie key K=a^(XY) So a, a^X, and a^Y can all be intercepted without giving away key. +---------------------------------------------------------------- So where does the government and the Key Escrow come into it? Note the 2nd output from the clipper chip - it is the ID of the chip and an encrypted version of the session key. The government will know the family key and can extract the ID. Then they go to the two escrow agencies (NIST and the Treasury Dept.) and get the two components of the chip key U. This allows the session key to be extracted and the message to be decrypted. Agency 1: ID and U(A) U(A) --+ OR --> U Agency 2: ID and U(B) U(B) --+ +------------------------------------------------------ General comments: 1. The Algorithm for the clipper chip is an NSA Type II algorithm called Skipjack. Type II is for unclassified, but sensitive. 2. If you could reprogram the Chip Key (U) or block the transmission of the encrypted ID and key this concept wouldn't be to bad. 3. The other point of vulnerability is at the manufacturing location where the Chip Key is originally generated. All 3 pieces of info (ID, U(A), and U(B)) have to be in the same place to generate the key. Dave Fandel dave@pce2.hac.com 3/30/94 If there is anything incorrect in this document please let me know. ------------------------------ End of Computer Underground Digest #6.28 ************************************