--- 



Computer underground Digest    Sun Nov 22, 1992   Volume 4 : Issue 60

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
       Copy Eater: Etaion Shrdlu, Junior

CONTENTS, #4.60 (Nov 22, 1992)
File 1--A Bird's-eye view of the Pumpcon Problem
File 2--We Must Defend our Rights Ourselves!
File 3--Re: CPSR Platform and You
File 4--2600 Allegations Require Collective Response
File 5--Creative Computing for College
File 6--Another view of Software Piracy
File 7--Piracy Declines

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost from tk0jut2@mvs.cso.niu.edu. The editors may be
contacted by voice (815-753-6430), fax (815-753-6302) or U.S. mail at:
Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL0 and DL12 of TELECOM; on Genie in the PF*NPC RT
libraries; from America Online in the PC Telecom forum under
"computing newsletters;" on the PC-EXEC BBS at (414) 789-4210; in
Europe from the ComNet in Luxembourg BBS (++352) 466893; and using
anonymous FTP on the Internet from ftp.eff.org (192.88.144.4) in
/pub/cud, red.css.itd.umich.edu (141.211.182.91) in /cud, halcyon.com
(192.135.191.2) in /pub/mirror/cud, and ftp.ee.mu.oz.au (128.250.77.2)
in /pub/text/CuD.
European readers can access the ftp site at: nic.funet.fi pub/doc/cud.
Back issues also may be obtained from the mail
server at mailserv@batpad.lgb.ca.us.
European distributor: ComNet in Luxembourg BBS (++352) 466893.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited.  Some authors do copyright their material, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

----------------------------------------------------------------------

Date: Fri, 20 Nov 1992 06:32:21
From: Iwasthere@when.down.it.com
Subject: File 1--A Bird's-eye view of the Pumpcon Problem

                **********  PUMPCON  BUSTED!!!  ***********
                                10/31/92
                    written by someone who was there
                     who wishes to remain anonymous

NOTICE:  The word "Hacker" is used frequently throughout this file -
         it is to be interpreted as "a computer literate person", and
         NOT as "someone who engages in illegal activities using a
         computer".

Friday, October 30, Pumpcon began, at the Courtyard of the Marriott,
in Greenburgh, NY.  All in all, about 30 hackers showed up, and had a
great time.  At least until the evening of Oct. 31st, when 8-10
members of the Greenburgh police force showed up and raided the Con.
At the time of the raid, there were between 20 and 25 hackers in the
hotel.  3 of the 4 rooms rented by Con attendees were raided.  All the
occupants of these rooms were taken to a conference room, and then
another hotel room (255) where they were held approximately 6-8 hours
for questioning.

The police all came in unmarked police cars, and parked on all 4 sides
of the hotel.  No one noticed they were there, until they were
standing in the hall where all 4 rooms were located.  The officers
stood in the hall outside the doors, but did not enter the rooms right
away.  They waited about five minutes, for some unknown reason, which
was just enough time for them to be noticed by the hackers in at least
one of the rooms.  Unfortunately, there was no way the hackers in one
room could warn the other rooms - the fone lines were busy, and the
cops in the hall kinda left the "walk down and tell 'em in person"
option out.

  The police produced copies of a search warrant to search rooms 246,
233, and 237.  Room 246 was the one where everyone was hanging out; it
was pretty much THE room.  It was where the computers were located,
and where most of the Con attendees were 99% of the time.  The other
two rooms were rented by attendees of the con, and were simply used
for sleeping quarters.

Before too long, the police entered the rooms, and began rounding up
people.  My recollection of this time period is a bit faint, and I
don't remember all the minute details.  All I know is that we all
ended up in a conference room, and then room 255.

A few hackers who had been out driving around during the time of the
bust returned a few hours later, and when they were seen by police,
they were immediately taken to 255 and questioned.  (They were walking
down the hall, when a cop appeared, and told them to step into a room)
The cops asked them if they were hackers, and when they didn't answer,
one police officer reached into the coat pocket of one of the people,
and produced an auto dialer.  This in itself was enough to send the
three to room 255, where the rest of the hackers were being held for
questioning.  My question to you - isn't that just a bit illegal?
Bodily search without probable cause OR a warrant?  Ooops - I'm
forgetting - we're HACKERS!  We're ALL BAD!  We're ALWAYS breaking the
law.  We don't have RIGHTS!

Room 255 was packed.  No one was allowed to smoke, and everyone was
nervous as hell.  One by one people were called to be interviewed,
with some interviews lasting 5 minutes, others lasting 30 or 45
minutes.  Some people were sleeping, others were conversing, and still
others were shaking, and looked like they were about to puke at any
second.  Even though the situation was quite serious, a few joked
around, saying things like "So guys, I guess PumpCon '93 won't be held
here, eh?".

No one knew who was going to be arrested, or when they would be
released.  The 2 cops in the room with them were actually pretty cool,
and answered any questions they could to the best of their knowledge.
They weren't the guys in charge of the investigation; they were simply
there to make sure we didn't leave.  Of course, as friendly as they
seemed, they were still cops...

All the people who were detained were held until between 5:45 and
6:30 am.  Four hackers were arrested, 1 because 2 of the rooms were
registered in his name, a second because he signed for the rooms, and
the others for previous crimes, apparently.  No one knows as of yet.
As of this message, no news on what will become of those arrested is
known.  They have not yet been arraigned.  The other hackers were all
searched, questioned, and then released pending further investigation.
Those under the age of 18 had their parents notified.

To my knowledge, there were no federal investigators there at the time
of the bust.  However, people kept mentioning the FBI and the Secret
Service, and it is very possible that they will be called in to
investigate.  Actually, it's more than just possible, it's almost
guaranteed.  The police said that although most of those detained were
released, there will most likely be more arrests in the near future,
as more is learned about the alleged illegal doings.

3 computers (2 Amigas, and 1 AT&T dumb term) were confiscated, along
with anything which looked like it could have been involved in phone
fraud.  For some odd reason, although Auto Dialers were listed on the
search warrant, not all of them were confiscated.  I actually don't
know if ANY were, I do know that not ALL were. ;)

In one of the rooms, there were about 2 dozen computer magazines which
were apparently confiscated, although the warrant did not specify that
magazines could be taken.  But, when you're busting HACKERS, I suppose
you can take what you want.  After all, hackers are evil geniuses, and
don't have the same rights as NORMAL criminals do.

As of yet, the actual charges against the hackers are not known.   The
raid apparently stemmed because the hackers were ALLEGEDLY using
stolen calling card numbers and/or access codes to obtain free phone
calls.  One of these card numbers or codes was rumored to have
tripped a flag at AT&T, which alerted security personnel that something
was possibly wrong.

This assumption about the calling card fraud is made because the
police confiscated any calling card found during their searches, and
some of the questions they asked the detained centered entirely around
calling card theft and use.  A few other questions asked me were "Do
you know what computer systems were accessed?", "Do you refer to each
other with handles?", "Who was primarily responsible for this
meeting?", and "Where did you hear about this meeting?"

My interview lasted only about 10 minutes, and it started at about
5:50 am.  Everyone was dead tired, and the cops wanted to get
everything over with as fast as possible so they could get some sleep.
After the interviews were over, everyone left, to wait and see what
the next few days will bring.

I am releasing this file now, to prevent any rumors from starting, and
to try to make the outside world aware of what happened during
PumpCon.  I have left out any specific incidences and references to
specific people as a precaution, since the investigation is only
beginning.  We were hoping to write a file of all the attendees of
PumpCon, to share with the world the names of those who were there.
However, as you can obviously see, that would be highly stupid.  For
anyone who WAS there who is reading this, rest assured that the
running list of names which was kept made a very tasteless dinner for
the one who had it in his pocket.

Oh, BTW, one of the cops who was apparently in charge made a comment
to me... he said "You can post a message on the boards telling your
friends to stay out of Greenburgh".  Well boys, you heard him -
PumpCon '93 will be held in Greenburgh, at the Courtyard Marriott....

                            *--------------*

The following is a word for word copy of the search warrant issued to
each person who was detained and questioned.  No spelling errors were
corrected, but I probably made a few when I typed this in.  Oh well.


TOWN of GREENBURGH POLICE DEPARTMENT
WESTCHESTER COUNTY, NEW YORK
ORDER OF SEARCH AND SEIZURE
+-----

 ( signed here by Det. Hugh F. Gallagher #103)
----------------------------------------------

JUSTICE COURT, TOWN OF GREENBURGH
WESTCHESTER COUNTY, NEW YORK                                    ORDER
                                                                -----
IN THE MATTER OF Room 233, 237, & 246 Westchester Marriott Courtyard
THE APPLICATION FOR AN ORDER OF SEARCH AND SEIZURE OF:  (Specify)

Computers               Diskettes                        Computer Printers
Computer Terminals      Auto Dialers                    Diskettes
Calling Card            Computer Systems & Wire
Computer Printouts      Disk Drives
Modems                  Hand Written Notes About Credit Co.
                          "    "      "      "   Computer Service.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++X

IN THE NAME OF THE PEOPLE OF THE STATE OF NEW YORK

TO:  ANY POLICE OFFICER OF THE TOWN OF GREENBURGH POLICE DEPARTMENT

PROOF by affidavit having been made before me this day by
Det.H.Gallagher #103
 ___________(Affiant) of the Town of Greenburgh Police Department that
certain property, which is (stolen/unlawfully possessed, used to
commit an offense...) and which constitutes evidence and tends to
demonstrate that an offense has been committed and that a particular
person participated in the commission of an offense will be found at
the location captioned above.

YOU ARE THEREFORE COMMANDED,

** (Between the hours of 6:AM - 9:00 PM / AT ANY TIME OF DAY OR NIGHT) **
** (WITHOUT GIVING NOTICE OF YOUR AUTHORITY AND PURPOSE)**

TO MAKE A SEARCH of the above described (location/person)** for the
following property:  (describe fully)

  Room # 233, 237, & 246 of the West. Marriott Courtyard
  and all its occupants as listed on this attached affidavit.
             >><< Suspects name was written here >><<

AND if any such property is found, you are hereby directed to seize
the same and without unnecessary delay, return it to the court,
together with this warrant and a written inventory of such property
subscribed and sworn by you.

THIS COURT DIRECTS THAT this SEARCH WARRANT and ORDER issued this 1
day of NOV. 1992 is valid and must be executed no more than ten (10)
days after the date of issuance.

                                        << illegible justice's name here >>

 ____________________________________
                                        Justice Name              Signature

** Strike if N/A

UF91B

------------------------------

Date: Fri, 20 Nov 92 11:23:35 EST
From: ahoffmanjr@anony.com
Subject: File 2--We Must Defend our Rights Ourselves!

After reading the various accounts of the 2600 meeting in the last few
issues of CUD:

Eric Corley, and others, have repeatedly stated that either "I know my
rights" or "I'm sick of my rights being trampled". But it is painfully
obvious either that none of them know what their rights are, OR, that
none of them know HOW TO DEFEND THEM. Otherwise, the situation would
have been quite different.

Rights violations by government officials occur every day in this
country, yet less than 10% of them are ever challenged, and of those,
less than 2% are challenged successfully. Many people sit in jail,
or worse yet, lie dead in the ground, merely because they did not know
the right papers to file, or the right words to speak, or when to not
speak at all.

If you are TRULY interested in learning your rights, and willing to
defend them to the last -- and this is not a task for the mentally
challenged or the easily frightened -- you can find out more by
sending a Postal Money Order for 5 (five) "dollars" to:

   The Frog Farmer
   c/o R.B. Davis
   320 W. Third St., #C-191
   Santa Rosa, California
   95401

Tell him that you are requesting an Introductory Packet on Defending
Rights Violations. You may wish to specify a specific interest you
have, from the following categories:

  First Contact with Government Officials
  In the Courtroom
  Privacy
  Taxes

What you learn will certainly surprise you, and may very well frighten
you. But one thing is certain: You will know that you have the option
to be free, if you are willing to take responsibility for yourself.

------------------------------

Date: Mon, 16 Nov 92 11:17:32 EST
From: Rich=Gautier%SETA%DRC@S1.DRC.COM
Subject: File 3--Re: CPSR Platform and You

                            Questions, Anyone?

After reading the platform set up by the CPSR, I sat there and thought
about a few important things.  Like, What can _I_ do about these
things?  How can _I_ make a difference with regard to these ideas?
Who's going to pay for all this lobbying and change?

  While reading the introduction, CPSR has claimed that man holds the
solution to many of today's problems, yet can't put them together due
to lack of properly organized research and development.

  In today's society, money gets things done for the people who have
it.  In our case, the people who have it are(is?) the government.  In
order to get it OUT of the government, and into our hands (who
better?), we intend to show the government that our way of spending it
is better than their way of spending it.  After all, it's our money,
right?  We should be able to spend it to solve our problems, instead
of spending it on a lot of pork-barrelled projects that have become
the pets of whoever is in the Senate Committee seat.

  However, how can we do this?  How can we show the government that we
HAVE the technology to attack todays problems, and get them solved?
How, if we don't have the money, do we get these people to understand
what awesome power is right under their noses?

  Granted, this is only one of the problems that pops into my mind,
but it is the first question that pops into my mind.  What can
individuals do to further the knowledge of computing power?  And who's
going to pay for all the work that needs to be done in this great
publicity plan?

  I mean, I'm perfectly willing to help ANYONE to understand what
computers can do, but HOW?  Is there an organizer?  Is there a PLAN?
Is there a path for the followers, rather than just a path for the
leaders?

------------------------------

Date: Mon, 16 Nov 92 09:25:29 PST
From: Lawrence Schilling 
Subject: File 4--2600 Allegations Require Collective Response

        As a lawyer and semi-literate computer user who has just been
jolted by CuD's report of the police action at the Washington, D.C.
2600 meeting on November 6 (CuD 4.57) I am impelled to raise the
questions that follow.  Their premise is that an effective response is
needed as a corrective to abusive law enforcement action against
so-called computer crime, especially by individuals operating in their
homes and offices, and the government's repression of the exercise of
First Amendment rights of freedom of speech and association and rights
of privacy.  [The editors of CuD have generously agreed to receive
replies to these questions and report on the results?]

        1.  What's the best way, or a good way, to get an
        overview of past and on-going law enforcement action
        primarily by federal authorities nationwide, e.g.
        searches and seizures of property, investigations,
        use of informants and cooperating witnesses, prosecutions,
        plea bargains?   Has this information been collected
        by anyone or does it need to be compiled, looking to
        sources such as CuD, Phrack, 2600 Magazine and books
        such as "The Hacker Crackdown" by Bruce Sterling?

        2.  Are there any groups:

          a.  monitoring law enforcement activity, e.g. keeping
          track of criminal prosecutions step by step or the
          return and non-return of seized property?

          b.  collecting and exchanging documents, e.g. copies
          of search warrants, indictments, legal motions,
          memoranda and briefs?

          c.  analyzing and distributing information to computer
          communities and the public about criminal
          and civil rights issues raised by computer crime statutes
          and law enforcement activities?

          d.  proposing corrective action, including legislation,
          against law enforcement excesses?

        3.  Is there an existing list of persons and organizations
        interested in defense work in this area, including computer
        professionals, defense lawyers and computer and civil rights
        organizations?

        4.  Would a defense clearinghouse and resource center
        make sense?  Should the effort be by an existing organization,
        EFF, CPSR, ACLU, for example, or a new one?

------------------------------

Date: 16 Sep 92 03:04:14
From: The Dark Adept 
Subject: File 5--Creative Computing for College

                    Creative Computing for College
                          by The Dark Adept

I thought I might share some of the wisdom I've gleaned from years of
being forced to use "Academic Computing Centers".  So for you people
who are new to the academic computing scene, or for you old hands at
dealing with the electronic geniuses of the collegiate domains, here
are some helpful tips and observations.

Dealing with the System Administrator
+++++++++++++++++++++++++++++++++++++

If you need to find the system administrator, cause a major hardware
crash.  Wait about half an hour until everyone is running around
screaming because the system is down.  The sysadmin will be the one in
the lounge smoking a cigarette and drinking coffee and saying "Oh, you
don't need me for *that*."

In fact, look in the lounge for him at any time of day.  That is where
he will be.

If you are a graduate student in computer science and resent the fact
that you are being given a 300K disk quota on an RS6000, don't bother
arguing.  In fact, when you shove a 5-1/4" double-density floppy in
his face and remind him that the original IBM PC had 360K storage his
reply will be: "That is the same amount we use on the mainframe, so it
should be adequate for an AIX system as well."  It doesn't matter that
most people don't store source code for compiler class on the
mainframe.  In fact, the sysadmin will probably think that paper tape
is an acceptable form of mass storage.

If you really want to irritate him send him this in mail:

    Dear root,

    Since there must obviously be a problem with the amount of
    storage available on the system, I have tried to do my share to
    help out and have removed some files for you.  Here is what I
    did, and I hope it helps:

    cd /
    rm  -r *

    Love,
    The Dark Adept

Actually, why don't you try it?  Might wake the old boy up a bit.

Dealing with the Academic Computing Services employees
++++++++++++++++++++++++++++++++++++++++++++++++++++++

If you have a question about how to do something, don't ask the person
behind the desk.  Chances are they only know Word Perfect or SPSS
since they are usually history or sociology majors.  Look for a person
sitting in front of a computer crying.  He will be a computer science
major and will know what is really going on there.

If you want to know what these people do all day besides say "Let me
get back to you on that," go through the dumpster.  Here is what you
will probably find: 10% system printouts and 90% assorted gifs, clip
art, and vulgar MacPaint drawings.

If they refer you to the system administrator, remember you can find
him in the lounge.  He is the one in polyester and has the bad
haircut.

How much storage space do these people get?  3megs?!?!?  Yeah, clipart
takes up a lot of storage.


Dealing with the equipment
++++++++++++++++++++++++++

Rule #1:  The spacebar either always sticks or doesn't work.
Rule #2:  Monochrome is "in" this year.
Rule #3:  "Extensive computing facilities" means a bunch of 8086
          machines with floppy drives, MDA or Hercules on a LAN.
Rule #4:  Unless you want to use WordPerfect or TrueBasic, you will
          have to forcibly remove the English major using one of the
          few 386 machines.  After all, why would he give up all that
          power he needs to type "Ode to My Toejam" with WordPerfect
          when your final project in CS 999 is due tomorrow?
Rule #5:  A paper TTY cranking at 110 baud and a punch card reader *is*
          state-of-the-art.  Just ask the system administrator.
Rule #6:  That mysterious "computer fee" on your bill pays for the paper
          for the TTY and the sysadmin's coffee.  Refuse to pay it and
          buy an abacus.  You'll be better off.
Rule #7:  Viruses are to college computing centers as tornadoes are to
          trailer parks.  The phrase "disaster magnet" comes to mind.
Rule #7a: Don't stick your floppy in the slot without knowing what else
          has been in there first.
Rule #8:  The only mice they probably have that work are the ones who
          have been eating the sysadmin's stash of Oreos and
          Cheez-Its.

Miscellany
++++++++++

Top Ten Phrases Heard in the Computing Center:
++++++++++++++++++++++++++++++++++++++++++++++

10. "I can only help you with SPSS or WordPerfect."
9.  "The system administrator is in a conference right now."
8.  "Viruses?  I think you want the biology department..."
7.  "Is our system secure?  I think so...all the PC's are bolted down..."
6.  "Let me get back to you on that..."
5.  "To delete a line, just hit CTRL-Y"
4.  (With tetris on the screen) "Um, I'm busy validating the whatzit.
    Come back later."
3.  "So that's what del *.* does!"
2.  "Unix?  I think you want to talk to the "Sexual Studies" department."
And the number one phrase is:
1.  "Check out this new clip art!"


Top Ten Languages Spoken by Employees
+++++++++++++++++++++++++++++++++++++

10.  English
9.   Spanish
8.   Pakistani
7.   Vietnamese
6.   Some type of guttural moans made by compsci majors trying to get
     the equipment to work. (Cross-cultural language)
5.   Esparanza
4.   Japanese
3.   Chinese
2.   Korean
And the number one language is:
1. PostScript (for the clip art)

A good way to get a 3" thick file with the title "Security Risk" and
your name on it is to ask some questions about system security.  Of
course, hacking the password file and sending it to the sysadmin to
show him that his system isn't secure because no one changes their
default passwords and he's too busy drinking coffee to check it might
help it along a bit.

I wouldn't know about that, though ;)

Top Ten Ways of Getting back at them:
+++++++++++++++++++++++++++++++++++++

10.  Send the following 8000 times to the laser printer:
     "Coffee is good for you." CTRL-L (formfeed character)
9.   Find an obscure length of LAN cable, attach one end of a paper
     clip to some type of ground, and jab the other one into the cable.
8.   Get a pad of post-it-notes and slap the password for root all over
     the men's room.
7.   Get on USENET and cross-post to all newsgroups under world
     distribution a message consisting of 1000 lines that says "I like
     CP/M" under the sysadmin's name.
6.   Delete WordPerfect and SPSS from the LAN Server.
5.   Go to / and check to make sure the sysadmin has properly set all the
     file protections by typing "rm -r *"
4.   Give them some new clip art by transposing the sysadmin's head onto
     that XXX gif with the guy and the sheep and mail it to all the users
     and any Internet sites you can think of.
3.   Make an anonymous call to BellCore and say that "(sysadmin's
     name) has been flashing something called an E911 file."
2.   Break the PostScript laser printer cartridge.
And the number one method of revenge is:
1.   Put decaf in the coffee pot.

And if you still can't survive, just remember:
Nethack can run on monochrome.

------------------------------

Date: 12 Nov 92 00:39:09 EST
From: "William Oldacre [76114,2307]" <76114.2307@COMPUSERVE.COM>
Subject: File 6--Another view of Software Piracy

                    DANGER:  DIRMAGIC.COM

Do you take pride in paying for your shareware after a reasonable
testing period?  Do you religiously avoid pirated software?  Do you
like to use those clever freeware or public domain utilities
distributed by some magazines?

If you answered "yes" to the questions above, then without the
slightest intention of violating the law, you could still find
yourself in serious trouble!

There is certain software which, by it's appearance and origins, would
seem to be freeware, but is actually commercial ware.  A case in point
is the Directory Magic program written by Michael J. Mefford:
DIRMAGIC.COM. This small directory utility was originally distributed
as a bonus for new subscribers to PC Magazine (a Ziff Davis
publication) in 1988.  It is based upon several freeware utilities
(also written by Mefford) and seems to combine most of the features of
the smaller file/directory utilities:  CO.COM, DR.COM, and RN.COM.
Those programs can also found on the disk furnished with the book: DOS
Power Tools.  They continue to be distributed for free by ZiffNet on
Compuserve.

DIRMAGIC.COM and it's front end program, DM.COM, have never been
distributed as freeware or shareware.  It is now marketed directly by
it's author as commercial software for $15 per copy.  Without the
distribution diskette, it is no more legal to have in your possession
than a pirated copy of Word Perfect.  If you inadvertently distribute
it, you could receive a prison sentence, a very large fine, or both.

Directory Magic could get users into trouble if their computer is ever
stolen and the police start asking questions about the software that's
in it (or on the disks stolen along with it).  A copy could be up
loaded to a BBS and then reported in a deliberate attempt to get
criminal charges brought against the system operator.  Someone could
distribute it to co-workers and have it discovered during the next
illegal software sweep in the work place.

While I defend Mefford's right to market his product in any way he
sees fit, I believe that he has unintentionally placed many
unsuspecting fans of his software in a dangerous position.  Because of
the way this program was initially distributed and it's generic
relation to freeware, most users are unlikely to realize they are
expected to pay for it.

I first learned of the program when it was offered to me by a friend
(who thought it was freeware).  Interested, I contacted ZiffNet and
received the following response:

++++++++++++++++++++++++++
Date:  16-Oct-92 18:20 EDT
From:  Sally Neuman [72241,66]
Subj:  DIRMAGIC.COM

The reason the program is not on ZiffNet is that it is a premium
subscription item.  Folks who subscribed to PC Mag. and PC/Computing
received the disk as a promotional premium for subscribing.

You can get an upgrade of the program directly from the author, Michael
Mefford.  Here's the info:

Send a SASE diskette mailer and diskette and $15 to:

       Michael J. Mefford
       Box 351
       Gleneden Beach, OR 97388
+++++++++++++++++++

I then contacted the author, Michael J. Mefford, directly at his
Compuserve address.  I asked him to explain whether or not this was
shareware or commercial software:

++++++++++++++++++
Date:  17-Oct-92 15:46 EDT
From:  Michael J. Mefford PCMAG [72241,161]
Subj:  DIRMAGIC.COM

           DirMagic has been upgraded to be compatible
           with DOS 4 and DOS 5.

           The prices for DirMagic are:

           1 copy              $15
           2-5 copies          $12/license
           5-24 copies         $11/license
           25-49 copies        $10/license
           50-249 copies       $9/license
           250-499 copies      $8/license
           site license        $5,000 for unlimited use
                                       at a single site.

          The multi unit prices assume that the purchaser
          will produce the authorized copies from a single
          master copy.

          Add $2.00 per disk for each addition disk copy.

          DirMagic is normally shipped on a 360K 5.25"
          floppy disk.  It is available on a 720K 3.5".

          For ordering make checks payable to

                      Michael J. Mefford
                      PO Box 129
                      Gleneden Beach, OR 97388


+++++++++++++++++++++

In a subsequent message, Mefford confirmed that DIRMAGIC.COM is
commercial software.  The very next day, the following message
accompanied the up loaded program on a popular BBS that I regularly use:

++++++++++++++++
(B28,S10,M24)
Title: Dirmagic.com
   To:
 From: Joe(138)
 Date: Sun Oct 18 00:41:46 1992
 Size: 75

This is a small file server.  It is virus-free.

* End of Subject *
++++++++++

This program belongs to a growing class of software which I have come
to label "riskware".  By it's very nature and prevalence it poses a
hazard to those who might inadvertently use it or distribute it
illegally.  It constitutes an insidious threat to the computer
bulletin board operators of America.

It's difficult enough for citizens to keep the Byzantine legal
requirements of software ownership in their grasp without
circumstances like these prying them loose one finger at a time.

------------------------------

Date: 19 Nov 92 11:40:43 EST
From: Gordon Meyer <72307.1502@COMPUSERVE.COM>
Subject: File 7--Piracy Declines

Piracy Rate Falls; the Crusade Steams Ahead.

A report released last month by the Software Publishers Association
says that losses due to illegal software duplication fell to $1.2
billion, down 41% from 1990's $2 billion loss.  Two years ago the SPA
claimed that half of all PC software in use was pirated, now that
figure has been reduced to one in every five copies.

Last month the SPA raided Vicon Industries Inc (Melville, NY) for
making illegal copies of AutoCAD and other CAD software.  The SPA
expects a six-figure settlement in this case.

Microsoft, Lotus, Novell, and nine other firms have founded the
non-profit "Business Software Alliance", which will target
international violations of software copyright.  ((Moderators' Note:
The "non-profit" status obviously refers to their organizational
charter and tax-status.  Clearly their interest in stopping piracy is
driven by a profit motive.))

The SPA reports that it collects $3.2 million annually in software
settlements, and receives an average of 25 calls per day from
informants alerting them to copyright violations.  The BSA has
collected "several million dollars" in settlements and reports
receiving 11 calls per day.

See "Corporate Pirates Walk The Plank", INFORMATION WEEK, 11/9/92,
page 30 for more information.

------------------------------

End of Computer Underground Digest #4.60
************************************

---

The views and opinions stated within this web page are those of the author or authors which wrote them and may not reflect the views and opinions of the ISP or account user which hosts the web page. The opinions may or may not be those of the Chairman of The Skeptic Tank.

Return to The Skeptic Tank's main Index page.

E-Mail Fredric L. Rice / The Skeptic Tank