Not Much Good News Here (Spring, 1994) -------------------------------------- A trip to the library can reveal all sorts of fascinating items. A publication called Prosecutor's Brief, described as the "newsjournal of the California District Attorneys Association" had some rather shocking advice in its Summer, 1989, edition. (Too bad we didn't catch this one sooner.) In the lead story, author Jerry P. Coleman proclaims, "Prosecutions of phone 'hackers' are not overly complicated, may be even fun, and can certainly assist your office's strained budget by providing a ready source of computer hardware." According to California Penal Code section 502.7(g), "An instrument, apparatus, device, plans, instructions or written publication... may be seized under warrant or incident to a lawful arrest, and, upon the conviction of a person for a violation of subdivision (a), (b), or (c), the instrument [etc.] may be... turned over to the person providing telephone or telegraph service in the territory in which the same was seized." But, according to the article, most of these companies will donate the equipment "right back to law enforcement." What a cozy arrangement. Concerning monitoring, some of the revelations are pretty scary. It seems that pen registers operated by Pacific Bell double as partial wiretaps, and it's perfectly legal for them to record conversations without a warrant if it's part of a phone company investigation! The article states, "In the case of Pacific Bell, but not necessarily all other companies, the first 90 to 120 seconds of each call made from the trapped line is taped for the purpose of identifying the person(s) using the illegally hacked codes." The article goes on to describe the ideal scenario: "If you are fortunate enough to receive the case before the search warrant has alerted the hacker to the investigation, your most important decision may well be the length of time the DNR stays on the targeted line. Weighing in favor of greater DNR time are the desires for obtaining at least a $400 felony loss, and identifying with certainty the hacker. Those considerations must be balanced against the risk that the DNR and its attendant call content taping will be suppressed as being an unreasonable privacy infringement, and the moral consideration of continued losses to the common carrier." The "recorded salutations" on the tape are considered a key bit of evidence since they identify the defendant. In addition, "any notebooks containing handwritten authorization codes, phone numbers called, etc., can be compared to the known handwriting of the defendant (from booking slip and/or court-ordered exemplars). Don't neglect the seized computer's own memory banks either its internal hard disk or any floppy disks may contain programs or files identifying the computer's user as the defendant." District attorneys are also urged to look through the evidence for any "contacts among the hacker community" or BBS numbers. Another "particularly fun" way of prosecuting a hacker is to look through his computer programs for games that have a listing of the top 10 scorers. "If your defendant's name appears close to the top of the list (or exclusively), it is quite reasonable to argue that, having had the most time to play the game this successfully, the defendant must own the computer." Another absurdity concerns the justification for seizing telephones, described as "entirely appropriate within the statute, and serves to drive home rather graphically to the hacker just how serious this matter of criminal prosecution is." It's pretty obvious how serious computer crime is to district attorneys in California. Here is our first solid piece of evidence that they consider hacker cases to be fun and easy ways of getting other people's computer equipment for themselves. A true mockery of justice. ------------------------------------------------------------------------------- The Clinton administration is becoming obsessed with monitoring citizens. On February 4, the administration rejected all of the criticism it has received on the Clipper Chip proposal and announced plans to move full speed ahead with its implementation - on a "voluntary" basis. The Clipper Chip would allow law enforcement to eavesdrop on phone calls that use the government standard of encryption. Civil liberties groups have strongly condemned Clipper and its companion Capstone (for data encryption) because of the potential for abuse and widespread monitoring of citizens. This technology is being developed with the help of the NSA, an organization that's supposed to keep its monitoring activities outside our borders. And that's not all. More recently, the administration reintroduced a digital telephony proposal that would require phone companies to provide real-time traffic analysis to all law enforcement agencies. Unlike a pen register, this is an ability that will always be there, one which simply has to be turned on. The data would then be sent to a remote monitoring post. According to the Electronic Frontier Foundation, such information amounts to more than just the numbers we dial: "As we all come to use electronic communications for more and more purposes," a recent press release says. "This simple call setup information could also reveal what movies we've ordered, which online information services we've connected to, which political bulletin boards we ve dialed, etc. With increasing use of telecommunications, this simple transactional information reveals almost as much about our private lives as would be learned if someone literally followed us around on the street, watching our every move."