Computer underground Digest Sun Jan 10 1999 Volume 11 : Issue 02

Computer underground Digest    Sun  10 Jan, 1999   Volume 11 : Issue 02
                           ISSN  1004-042X

       Editor: Jim Thomas (
       News Editor: Gordon Meyer (
       Archivist: Brendan Kehoe
       Shadow Master: Stanton McCandlish
       Copy Editod:   Ethmoid Shrdlu
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage:

CONTENTS, #11.02 (Sun, 10 Jan, 1999)

File 1--"The Real Millennium Bug" (NetFuture reprint)
File 2--Online Activism?  Try Big Brother
File 3--Microsoft forcing temps to give up claims in lawsuit
File 4--Policy Post 5.1: Advocates Speak Out Against Serbian Internet
File 5--SANS Web Briefing
File 6--Call for Proposals - CFP 99
File 7--Cu Digest Header Info (unchanged since 10 Jan, 1999)



Date: Tue, 15 Sep 1998 14:44:59 -0400
From: Stephen Talbott 
Subject: File 1--"The Real Millennium Bug" (NetFuture reprint)

((CuD MODERATORS' NOTE: Given the hype associated with the Y2K
computer compliance problems, CuD will run periodic articles
featuring some of the more extreme hyperbole along with the more
reasonable stories we come across. Here's a nifty piece from the
archives to start off the series)).

Source: NETFUTURE - Technology and Human Responsibility
Issue #76    Copyright 1998 Bridge Communications    September 15, 1998
              Editor:  Stephen L. Talbott (

           On the Web:
     You may redistribute this newsletter for noncommercial purposes.


                     THE REAL MILLENNIUM BUG

                 Langdon Winner (

                       TECH KNOWLEDGE REVUE
                     1.2   September 9, 1998

The approach of the new century offers an occasion to ponder the condition
of humanity and of the planet that sustains us.  How many of the world's
nearly six billion people live well or in circumstances that are even
marginally agreeable?  How many still suffer poverty, war, disease,
illiteracy, and the other scourges of our species?  Will the policies of
global civilization merely magnify well-known ecological, economic, and
social ills?  Or will the next century find ingenious remedies?

Alas, as the symbolic stroke of midnight speeds toward us, the opportunity
to rethink the situation of humankind and renew our sense of purpose is
rapidly being frittered away.  When people hear about the year 2000 these
days, the first thing that springs to mind is the computer glitch that
threatens to disrupt computer systems and send our institutions careening
toward chaos.  Because programmers in earlier decades economized on space
by cleverly dropping two digits, we are now obsessed with the problem and
the costly challenge of minimizing its possible damage.

Yes, the Y2K troubles are real.  But there's a pungent irony here.  Our
society has become so slavish in its dependence upon digital equipment
that it seems unwilling to face squarely the health of the planet and
humanity's future.  To my way of thinking, this is the real millennium
"bug," the urgent "Year 2000 Problem" that our systems planners, corporate
elites, and political leaders have overlooked in recent years.

One indicator underscores how grave this deficiency has become.  At a time
in which most societies around the world have committed themselves to
technology as the one true path to improvement, the common understanding
of what "technology" means and what it includes is now rapidly shrinking.
Not too long ago "technology" referred to the whole range of tools,
techniques and systems people use to achieve practical ends.  This
definition arose during the nineteenth century, replacing earlier, more
limited definitions.  While the concept was overly broad, it was far
richer than the one gaining prominence today, the notion that "technology"
is just information technology, nothing else.  Other kinds of instruments,
methods, technical arrangements, and devices are grouped under more
specialized rubrics.  Social issues, both promising developments and
gnawing problems, that involve the broader range of technical means, are
fading as matters for public attention and debate.

This warped view of technical matters first gained prominence on Wall
Street, where the category "technology stocks" has taken on a particular
significance.  The technology stocks are, of course, shares in computing,
digital communications, Internet services, and the like.  When one hears
that "technology" is soaring or sinking on the stock exchange, one knows
that we're talking about Microsoft, Dell Computer, Lucent Technologies,
Netscape, Seagate, Sun Microsystems, America Online, Cisco Systems, and
the like.  In this context, the term no longer refers to automobiles,
airlines, chemicals, agriculture, or anything of the sort.  The word
"information" has been dropped as a modifier, leaving "technology" as a
pure, seemingly self-evident label.

This innocuous linguistic convenience for busy stock traders has now
spread, infecting contemporary journalism and everyday speech, signaling a
narrowing of awareness and care.  Oddly enough, this constriction of focus
happens at a time in which, to all appearances, there is an explosion in
sources of news coverage on "technology," hundreds of magazines,
newspapers, paperback books, television programs, and on-line sources
filled with stories about people's involvement with technical things.  For
serious technology watchers, this would seem to be a godsend.  But if one
looks closely at the content of this burgeoning news coverage, the vast
bulk of it is limited solely to the computer industry and the Net.  What
first appears to be a wealth of useful information conceals a profound
poverty of outlook.

Within today's "technology" beat, the press typically follows stories of
just two kinds.  First are reports on the activities of business firms in
the computer and communications field -- the latest deals, mergers,
acquisitions, new product introductions, and strategies of corporate
movers and shakers.  News of this sort used to be confined to the pages of
*Business Week*, *Fortune*, and the financial section of your local
newspaper.  But under the rubric of "technology" the machinations of CEOs,
managers, and lawyers in the information corporations have now been
elevated to a status and glamor not unlike that attached to sports heroes
and rock stars.  Will Bill Gates stave off the Justice Department?  Will
Steven Jobs stay on at Apple?  Will the leaders of Bell Atlantic and GTE
bring off their corporate marriage?  Apparently, the reading public has an
endless appetite for stories of this kind.

Also favored in this approach are reports about digital hemlines -- late-
breaking fashion trends in the design, marketing, and consumption of
computer hardware and software.  Which new gadgets does Silicon Valley
have in store for us this season?  How much computing power will I need to
run the next-generation programs?  Should I buy the latest Windows
upgrade?  What colorful services and diversions can be found on the World
Wide Web?  People who follow rapidly changing info-styles now find a great
torrent of chatter about such matters in both print and pixel.

Commitment to this approach seems all but universal.  The "Technology
Alert" from the *Wall Street Journal* that arrives in my email each day is
never about anything other than computer and communications firms.  If one
turns to the on-line version of the *New York Times* and clicks on
"technology," dozens of articles about the computer biz and digital
hemlines begin scrolling by.   Much the same holds for the hundreds of
newspapers and magazines that print the latest gossip from the Internet
grapevine.  Day by day, the dull uniformity of it all raises the question:
Why bother reading this dross at all?  Here, for example, are some recent
items from the *Times'* predictable stream:

*  "Oracle Announces Online Challenge to Microsoft"

*  "Web Erotica Aims for Female Customers"

*  "Braindump on the Blue Badge: A Guide to Microspeak"

*  "Flat Screens: Good But Costly"

*  "Videoconferencing Stage Fright"

*  "PC's for the High End Crowd"

*  "Putting A Virtual Doggy in Your Window"

*  "Hurricane Watchers Clog Web Sites"

*  "Gossip Sites Target Music and Film Business"

Of course, the mood and outlook of such stories in the *Times* and
elsewhere is strictly "upside," often totally euphoric, Viagra for the
mind.  In both the giddy writing and glitzy neo-neon illustrations, the
model for "technology" journalism in this mode is, of course, *Wired*
magazine.   The recent sale of that publication to Conde Nast, publishers
of *Vogue*, confirmed what many of us had suspected all along, that the
magazine was less a serious discussion of the transition to a digital
society than a never ending barrage of excited promotions for ephemeral
electronic products and the personalities who hawk them.  Now that *Wired*
is owned by those adept at selling cosmetics and couture, its role is at
last thoroughly transparent.  What's remarkable is that so many supposedly
respectable publications have decided to mimic the tawdry self-indulgence
that has become the hallmark of cyber journalism.

An obvious shortcoming of this odd focus for reporting and thinking is the
vast spectrum of interesting and important topics it systematically
neglects.  If one is interested in solar electricity, for example, the
second fastest-growing energy source in the world, one can read for years
and never find it in today's "technology" coverage.  Although the
biotechnically driven "second Green Revolution" will likely affect
billions of people in years to come, its arrival goes all but unnoticed.
If one is interested in the rapidly evolving techniques of flexible
production in global factories and offices, don't bother looking in the
local newspaper or its on-line edition; from all indications, "technology"
doesn't include such things anymore.   How about the ecological disasters
caused by "advances" in the technologies of fishing and acquaculture?
What?  Where?  When?  Why wasn't I informed?

An illustration of a significant piece of news that has gone all but
unnoticed amidst the hoopla of American "technology" coverage is the
raging controversy about the introduction of genetically modified food in
Great Britain.  One study by British scientists, reported recently by BBC
and the *Guardian*, found that rats fed genetically engineered potatoes
suffered stunted growth and weakened immune systems.  Whether or not the
study turns out to be reliable, concerns about it and about genetically
modified food have sparked citizen protest and disputes among the
political parties in Parliament.  While you can be sure that the emerging
biotechnology firms around the world are closely watching this flap and
its possible ramifications, the American reading public is kept in the
dark, nourished by hundreds of Olestra-rich puff pieces about Internet fun
and frolic.

Perhaps aware of the growing vapidity of today's techno-news reporting,
some prominent publications have recently decided they need a larger
theme, a Big Picture within which to frame their topics.  The startlingly
brash, unprecedented, and illuminating context many of them appear to have
settled upon is "Innovation."  Yes, folks, here it comes!  Out of the
research labs, into the hands of entrepreneurs, from there to the global
marketplace, and into your lives -- technology!  What matters in this
perspective is simply an appreciation of the dynamic flow and process.
Never mind the social contexts, broader consequences, or policy choices at
hand.  Behold the surprisingly colorful people engaged in cutting-edge
university and corporate research (and you thought they were just cold and
grey!).   Follow those far-sighted venture capitalists as they seed the
landscape with promising  start-up companies.  Be the first on your block
to catch a glimpse of all the gadgets and new media that will shape the
offices, homes and schools of the future.

Given the long history of campaigns to promote technologies of one kind or
another in this century, it's amusing that anybody would find this
emphasis on "innovation" the least bit novel.  In one guise or another,
this idea has been the bread and butter of industrialists, advertisers and
reporters for eighty years.  Ideas and images celebrating innovation were
already current in visions of modernity of the 1920s when automobiles and
electrical appliances (rather then Palm Pilots) were all the rage.  From
its very first issue, Henry Luce's *Fortune* magazine (1930) regaled
readers with high-tone stories and photographs depicting links between
emerging technology, business initiatives, and social transformation.
Then as now, the arrow of causation always pointed in one direction.  As
the motto of the International Exposition held in Chicago in 1933 boldly
proclaimed, "Science Finds -- Industry Applies -- Man Conforms."

As we receive our daily dose of this threadbare mythology, updated for the
age of cyberspace, the problem is not merely that the scope of reporting
on technology and human affairs is dwindling.  Resourceful readers can
always search out diverse, substantive sources of news and information
about all kinds of technology-related events.  The far more urgent problem
lies in the fact that, at a crucial moment in human history, public
discourse about matters of consequence has been reduced in its outlook,
trivialized in its grasp.  Since people's awareness of what matters is
strongly influenced by what news sources highlight as current and
noteworthy, the shrinking perspective of technology journalism is a
serious loss.

Among the issues that cry out for attention as a new era dawns is the
widening gap of inequality that characterizes the world's population.  Our
much heralded global economy has been very good at producing a handful of
billionaires and millionaires.  But for roughly a third of the Earth's
people, especially children in the less developed countries, grinding
poverty is an everyday reality, a situation already evident even before
the economic crises of the past year.  Can it be that we find the
suffering of hundreds of millions of our fellow human beings insignificant
when compared to the puzzle of finding a Y2K fix?

While we're at it, why not tackle some of the "bugs" that threaten the
environment we will hand to our children?  How about fixing the
technologies that spew millions of tons of CO2 into the air each day,
exacerbating global warming?  How about replacing the systems that pour
toxic chemicals into the air, water and land, slowly poisoning human
populations and other species?  Let's eliminate the errors in our tax laws
that encourage energy waste and other ecologically destructive practices.
And let's fix the development bug that destroys good farmland and
devastates the world's forests.  These are among the steps that would be
taken by those hopeful about Earth's future.

I'm told that if all goes well, if enough time, money, and effort are
invested, our computers will actually remember that a new millennium has
arrived.  Alas, we humans may forget to update our spiritual clocks,
ignoring a momentous turning point and the challenge it presents.

             *   *   *   *   *  *  *  *  *  *  *  *  *  *  *

Tech Knowledge Revue is produced at the Chatham Center for Advanced Study,
P.O. Box 215, North Chatham, NY 12132.  Langdon Winner can be reached at: and at his Web page: .

Copyright Langdon Winner 1998.  Distributed as part of NETFUTURE:  You may redistribute this
article for noncommercial purposes, with this notice attached.

                          ABOUT THIS NEWSLETTER

NETFUTURE is a newsletter and forwarding service dealing with
technology and human responsibility.  It is hosted by the UDT
Core Programme of the International Federation of Library
Associations.  Postings occur roughly every couple of weeks.  The
editor is Steve Talbott, author of *The Future Does Not Compute:
Transcending the Machines in Our Midst*.

You may redistribute this newsletter for noncommercial purposes.
You may also redistribute individual articles in their entirety,
provided the NETFUTURE url and this paragraph are attached.

Current and past issues of NETFUTURE are available on the Web:   (mirror site)        (mirror site)

To subscribe to NETFUTURE, send an email message like this:


Date: Sun, 10 Jan 1999 10:45:13 -0500
From: Udhay Shankar N 
Subject: File 2--Online Activism?  Try Big Brother


                       ONLINE ACTIVISM ? TRY BIG BROTHER

   Governments worldwide have always snooped on their citizens, and the
   Indian government is no exception. Your bank account application, your
   driver's licence, your telephone calls, even your paper mail have all
   been fair game to Big Brother. You don't even need to be a known
   lawbreaker or even a suspected one -- this is often done on a random
   basis, looking for possible "evidence" that could then be used to
   build a case, or to proceed with one. The possibilities for abuse
   inherent in such a system are obvious. ( for example, would you want
   your local neighbourhood policeman to have access to your telephone
   conversations ? Without your knowledge ? Without any recourse even if
   you do find out about it ? )

   Ther are a couple of problems in running this kind of omnipresent
   surveillance, though. In any democratic society, the citizens would
   howl with outrage if they knew that they were the subject of this kind
   of surveillance. In India, in fact, our Constitution, Article 19,
   provides for Freedom of speech and Expression. Though the Constitution
   of India does not provide for Right to Privacy as a Fundamental Right,
   sufficient provisions and judgments of our Supreme court exist wherein
   the citizens of India are free to express certain thoughts and actions
   without hinderance of the State or being held accountable under law.
   And fear of an invisible Big Brother definitely exercises a chilling
   effect on free speech. Thus, unreasonable surveillance of this nature
   is usually extra-legal and anti-constitutional. Activists would be
   alarmed, and certainly raise a huge furore, if any such cases came to

   However, this is usually handled by making such surveillance secret -
   to the extent of making it an offense to even let the citizen know
   that her privacy is being invaded in this manner. Also, where such
   surveillance is clearly unconstitutional and illegal, it is handled by
   attempting to bring it under the banner of "national security" so that
   further questions can be stonewalled.

   The internet, however, holds the promise of making this moot. Email is
   sent out in such quantities that it is almost impossible to scrutinise
   each piece. Also, cryptographic techniques, (see here for a brief
   primer on how cryptography works) if used properly, can ensure that
   *nobody* can tap your email except the person you are sending it to.
   So yet again, technology has overtaken the aims of Big Brother.

   Or has it, really ?

   Governments worldwide are seriously alarmed at the prospect of not
   being to extend their "God-given right" to invade a citizen's privacy
   into the electronic domain. And they are attempting to handle the
   situation in the way they know best -- by making laws about it. Never
   mind if the laws are fair, constitutional, or even feasible (always a
   problem when technology is being regulated by people who do not really
   understand what the technology is and isn't capable of)

   Consider, for example, the following news:

   The BJP government wants to introduce an Indian Information Technology
   Act. That, in itself, is not a bad thing. It is, in fact, a good idea,
   as IT today is administered by an increasingly ragged-looking
   patchwork of outdated and inadequate laws. However, they just couldn't
   resist the opportunity to try and make things easier for them to
   surveil the citizenry, preferably without said citizenry's knowledge.

   The draft bill which has been prepared by the Department of
   Electronics (DoE) has been sent to the Law Ministry for clearance. It
   will then be sent to the Cabinet for approval and ratification.

   Some of the alarming proposals in this bill are:

   Any Internet Service Provider will have to make arrangements to
   monitor all traffic passing through its servers, and make such traffic
   available to "properly constituted authorities" for "valid reasons of
   security". This would include agencies such as the Central Bureau of
   Investigation (CBI), the Intelligence Bureau (IB) and the Research and
   Analysis Wing (RAW). And they aren't sparing encrypted traffic,
   either. On demand, you will be expected to decode messages you have
   sent, in effect handing over your private key.

   The purported reason ? "National Security".

   As usual.

   The proposed bill also contains some confusing references to "distant
   signatures" which it says will help e-commerce, but I wish to focus
   on the damage which the tapping provision will cause.

   As the British net.activist Danny O'Brien said in response to similar
   legislation in the UK, these are the reasons why this is a very bad

   It's bad for e-commerce.

   It will add billions to the cost of doing business online, and take
   months - even years - to implement.

   People won't trust a system which gives a government-appointed
   stranger a back-door key to their e-mail.

   Overseas consumers and businesses won't want to trade with us. They
   won't want to give away the keys to their data, either.

   It'll impact the IT industry by driving business overseas.

   There is near-zero enthusiasm for the government's proposals amongst
   big business. Anywhere.

   It won't catch a single criminal.

   Criminals won't use the government's system. It's trivially easy to
   bypass the proposed controls if you're planning on breaking the law.
   For example, all it takes is one entry in your email program to use a
   different server to send out your mail, thus redering the whole issue

   Also, there exist techniques like steganography that hide encrypted
   data in such a way as to escape detection.

   Despite this, we've yet to hear of one example of an investigation
   which has been hampered by an inability to break encrypted codes.
   National security or otherwise.

   In fact, as Fred Baker, Chair of the Internet Engineering Task Force
   (IETF) said in a recent announcement,

...strong cryptography is essential to the security of the
Internet; restrictions on its use or availability will leave us
with a weak, vulnerable network, endanger the privacy of users and
businesses, and slow the growth of electronic commerce.

   There is still time. If government sees that there is uproar over
   this, they will push it underground for a while. It won't go away, but
   it will buy time.

   An example of the kind of uproar I'm talking about is the spontaneous
   anger that erupted on various mailing lists when this news got out. I
   have collected some of the most technically and logically sound
   arguments here.

   some URLs for more information:


   Udhay Shankar N  is a net.consultant based in


Date: Thu, 7 Jan 1999 17:56:10 -0800
From: Jim Galasyn 
Subject: File 3--Microsoft forcing temps to give up claims in lawsuit

Posted at 06:48 a.m. PST; Thursday, January 7, 1999
Microsoft forcing temps to give up claims in lawsuit

by Jay Greene
Seattle Times technology reporter Microsoft is forcing its
contract workers to make a choice - give up any money they might
win from a class-action lawsuit or stop working for the company.

Microsoft is requiring that temporary workers sign new deals when
their contracts expire. The agreements include a new sentence that
specifically excludes them from benefiting from any judgments that
might come about from ongoing litigation.

Contract workers filed a class-action suit against Microsoft in
1992 over their status, claiming the company treats them like
full-time workers in every regard but compensation. They are
asking a judge to rule that they are so-called "common law"
employees, a decision that would force Microsoft to pay the group
millions of dollars in benefits, including gains from employee
stock-purchase programs.

By signing the new agreement, workers would give up that potential

The agreement says: "Even if a court or government agency
determines that temporary personnel and Microsoft have had a
common law employer-employee relationship at any time, temporary
personnel . . . will not be entitled to receive . . . any
different or additional pay, or any benefits, insurance coverage,
tax payments or withholding, or compensation of any kind."

Microsoft spokesman Dan Leach said temporary workers started
getting the new agreement this summer as their existing contracts
- which often run three to six months - expired.  According to the
workers, a wave of new contracts came near the end of the year,
when many short-term contracts expire.

Jay Greene's phone message number is 206-464-3287. His e-mail
address is:


Date: Wed, 6 Jan 1999 15:46:15 -0500 (EST)
From: Ari Schwartz 
Subject: File 4--Policy Post 5.1: Advocates Speak Out Against Serbian Internet

The Center for Democracy and Technology  /____/     Volume 5, Number 1

      A briefing on public policy issues affecting civil liberties online

 CDT POLICY POST Volume 5, Number 1                    January 6, 1999

(1) Advocates Speak Out Against Serbian Internet Censorship
(2) Global Support Urged for Online Freedom of Expression
(3) Subscription Information
(4) About CDT

  ** This document may be redistributed freely with this banner intact **
        Excerpts may be re-posted with permission of 


The United States Institute of Peace today hosted a forum to discuss the
recent attempts of the Milosevic government to restrict the free flow of
information in Serbia.  CDT senior staff counsel Jim Dempsey joined OpenNet
director Drazen Pantic of Belgrade in describing the potential of the
Internet to evade government censorship.

Over the past several years, the Serbian government has sought to repress
sources of objective reporting and voices for ethic tolerance and peace.
This effort has included attempts to shut down Belgrade's Radio B92 and
its Internet ISP, OpenNet, Two years ago, when the
government tried to shut down the station, B92 responded by sending
its audio feed out of the country via the Internet, where it was
successfully transferred to Radio Free Europe and other stations and
rebroadcast back into the country to a larger audience than ever before.

In recent weeks, the Milosevic regime has targeted B92 and OpenNet again.
In December 1998, the Serbian university network was ordered to filter out
Radio B92's OpenNet website.  This action had a wide impact, since many
non-academic organizations such as independent media and nongovernmental
organizations get their Internet access through the university.  To keep
OpenNet's information accessible, Internet sites around the world set up
mirror sites, which hosted OpenNet press releases, reports, and audio
broadcasts.  Realizing how ineffective the mirroring made the filters, the
Serbian Academic Network stopped filtering most OpenNet sites.  The
government now is filtering only the  news in Serbian, which is still
available via email to tens of thousands of subscribers and on the mirror

In addition to Pantic and Dempsey, today's program included John Fox,
Director of the Open Society Institute's Washington office; Rob Timm, 99.1
FM WHFS radio, Washington D.C. and Director, War Child USA/ Balkans
Independent Radio Project; and Gene Mater, Freedom Forum,  Bob Schmitt of the Institute of Peace,, organized the program.


Last year, CDT issued for the Global Internet Liberty Campaign a report
entitled "Regardless of Frontiers: Protecting the Human Right to Freedom of
Expression on the Global Internet."  The report examines the Universal
Declaration of Human Rights and other international human rights
agreements, which proclaim that everyone has the right to "seek, receive
and impart information and ideas through any media and regardless of
frontiers."  Given the Internet's uniquely open, global, decentralized and
user-controlled nature, the report argues that human rights principles
should be read as offering especially strong protection to freedom of
expression online.  The "Regardless of Frontiers" report is available at

At today's forum, Dempsey noted that Radio B92's experience fighting
censorship in Serbia exemplifies struggles going on around the globe. In
Germany, China, Saudia Arabia, Russia and the United States, governments
are trying to censor and monitor the Internet.  The result is a sort of
"electronic cat and mouse game," with the highest of stakes, as governments
seek to exercise control and democracy activists seek the legal and
technical means to defeat censorship.

In addition to pointing to infrastructure support efforts like those of the
Open Society Institute, and the
potential of international human rights principles, Dempsey called on the
US government and international bodies to support freedom of expression and
affordable access to an open Internet.  He noted that the US government
instead is leading a world-wide campaign to limit access to the strong
encryption necessary for security and privacy on the Internet.


Be sure you are up to date on the latest public policy issues affecting
civil liberties online and how they will affect you! Subscribe to the CDT
Policy Post news distribution list.  CDT Policy Posts, the regular news
publication of the Center For Democracy and Technology, are received by
Internet users, industry leaders, policymakers and activists, and have
become the leading source for information about critical free speech and
privacy issues affecting the Internet and other interactive communications

To subscribe to CDT's Policy Post list, send mail to

In the BODY of the message (leave the SUBJECT LINE BLANK), type

     subscribe policy-posts

If you ever wish to remove yourself from the list, send mail to the above

    unsubscribe policy-posts

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance democratic values and
constitutional civil liberties in new computer and communications

Contacting us:

General information:
World Wide Web:

Snail Mail:  The Center for Democracy and Technology
             1634 Eye Street NW * Suite 1100 * Washington, DC 20006
             (v) +1.202.637.9800 * (f) +1.202.637.0968


Date: Wed, 6 Jan 1999 03:09:28 -0500 (EST)
Subject: File 5--SANS Web Briefing

This note announces our January SANS web-based briefing.  This month, we
have one of the hottest security topics available: `Emerging Patterns in
Intrusion Detection'.  For one hour, Alan Paller will interview Stephen
Northcutt, who oversees intrusion detection for more than 14,000 computers
and chairs the National Intrusion Detection & Response conferences.  You
might have seen Stephen's name on the SHADOW intrusion detection system.

As with all SANS web-based briefings, you don't have to leave your office or
home, and can tap in at any time 24 hours a day (though only at the time
below will the presentation be live!).  Participants during the live
briefing can e-mail questions to be answered during the broadcast (time
permitting, of course).

The SANS Institute and Axent Technologies are co-sponsoring this briefing
with the cooperation of ISSA -- The Information Systems Security Association
and ISACA -- The Information System Audit and Control Association.

What:     Interview with Stephen Northcutt, intrusion detection expert

When:     Thursday, January 14, 1999  (and later for `reruns')
          10 am Pacific Time, 11 am Mountain, noon Central, 1 pm Eastern, 18:00

Duration: 60 minutes

Cost:     Free

Who:      Security, network, or system admins or auditors who wish to hear about
          state of the art in intrusion detection

Where:    Your internet-connected computer that can receive broadcasts from

How:      Register at

The website should reply within a minute or two with some background
literature from our sponsor and the URL and password for the free broadcast.
If you don't get a reply, please let me know at .

Feel free to share this announcement with any potentially interested parties.

				Your SANS Public Relations Guy,

Rob Kolstad            The SANS Institute 301-951-0102
----- Upcoming Events: ------------------------ Current Publications: ----
Intr Detect & Response (San Diego 2/99)       SANS Network Security Digest
                                                        The SANS NT Digest
SANS '99 (Baltimore, 5/99)               Windows NT Security: Step-by-Step
Network Security 99 (New Orleans, 10/99)   Incident Handling: Step-by-Step
                                         Intrusion Detection: Shadow Style
                                                   1998 SANS Salary Survey
See for info          WindowsNT Power Tools: Consensus


Date: Tue, 15 Dec 1998 15:11:19 -0500
From: David Banisar 
Subject: File 6--Call for Proposals - CFP 99

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

[Circulate until January 15, 1999]

                Computers, Freedom + Privacy 1999
                    THE GLOBAL INTERNET

                     Omni Shoreham Hotel
                        Washington, DC
                       April 6-8, 1999


The Program Committee of the conference on Computers, Freedom, and
Privacy (CFP99) is seeking proposals for the ninth annual CFP,
which will be held in Washington DC between April 6th and April 8th
1999 at the Omni Sheraton Hotel.

CFP is the leading Internet policy conference. For almost a decade,
CFP has shaped the public debate on the future of privacy and
freedom in the online world. The CFP audience is diverse with
representatives from government, business, education, non-profits
and the media. The themes are broad and forward-looking. CFP
explores what will be, not what has been. It is the place where the
future is mapped.

The theme of the 1999 CFP conference is "The Global Internet."
Proposals are welcomed on all aspects of privacy and freedom. The
1999 Program Committee is particularly interested in receiving
proposals that deal with:

	ACCESS TO THE INTERNET, particularly those relating to
	globalization and governance. Of particular interest are
	issues of privacy, censorship, free speech and access.

	INTERNATIONAL ISSUES, especially the emerging issues of global
	privacy protection, encryption policy, international
	principles of human rights, regulation, legislation, and

	ELECTRONIC COMMERCE, including the impact of payment systems,
	regulations, and technical standards on personal freedom and

	CULTURE AND LANGUAGE ON THE INTERNET, such as the significance
	of diversity, multilingualism, and cultural representation

We strongly encourage proposals that involve leading experts,
innovators, policymakers, and thinkers.

The CFP99 Program Committee will finalize the selection of
proposals by February 1, 1999, and all proposals must be received
by January 15, 1999 Please follow the submission guidelines below.


Proposals should be sent by email to before
January 15, 1999.

Proposals should include the following information:

	1. Presentation Title

	2. Presentation Type (Panel discussion, Luncheon meeting,
	Tutorial, "BOF" Session)

	3. Proposed Length of Presentation (typical CFP sessions are 1

	4. Name(s) of Speaker(s), plus brief background description
	for each speaker.

	5. A one to two paragraph description of the Topic and Format,
	suitable for conference brochure and press release.

	6. Complete contact information (email, phone, and mailing
	address). For presentations with more than one speaker, please
	provide contact information for all of the proposed speakers.

For more information on the Computers, Freedom, and Privacy
Conferences, please visit the conference Web page If your have further questions about CFP,
please feel free to contact a member of the Program Committee.


Marc Rotenberg, EPIC and ACM, Washington, DC, CFP99 Chair; Carlos
Afonso, Alliance for Progressive Computing, Rio de Janeiro, BRAZIL;
Phil Agre, University of California, San Diego, California; Yaman
Akdeniz, Centre for Criminal Justice Studies, Leeds University,
London, UNITED KINGDOM; Roger Clarke, Australian National
University, Canberra, AUSTRALIA; Tracey Cohen, Centre For Applied
Legal Studies, SOUTH AFRICA; Lorrie Faith Cranor, AT&T
Labs-Research, Florham Park, New Jersey; Simon Davies, London
School of Economics, London, UNITED KINGDOM; David Flaherty, Office
of the Privacy and Information Commissioner, British Columbia,
CANADA; Oscar Gandy, Annenburg School of Communication,
Philadelphia, Pennsylvania; Deborah Hurley, Harvard Information
Infrastructure Project, Kennedy School of Government, Cambridge,
Massachusetts; Joichi Ito, Digital Garage, Tokyo, JAPAN; Stephen
Lau, Privacy Commission, HONG KONG; Paul McMasters, Freedom Forum,
Rosslyn, Virginia; Peter Neumann, SRI, Menlo Park. California; Eli
Noam, Columbia University, New York, New York; Jonathan Peizer,
Open Society Institute, New York, New York; Bruce Schneier,
Counterpane Systems, Minneapolis, Minnesota; Keith Sears, Creative
Artists, Los Angeles, California; Barbara Simon, ACM, Palo Alto,
California; Ross Stapleton-Gray, Electronic Embassy Program,
Arlington, Virginia; Barry Steinhardt, American Civil Liberties
Union, New York; Nadine Strossen, American Civil Liberties Union,
New York, New York; Frank Tuerkheimer, University of Wisconsin,
Madison, Wisconsin


Rob Kushen, Open Society Institute, New York, New York


Jim Warren, Woodside, California (CFP91); Lance Hoffman, George
Washington University, Washington, DC (CFP92); Bruce Koball,
Berkeley, California (CFP93); George Trubow, John Marshall School
of Law, Chicago, Illinois (CFP94); Carey Heckman, Stanford Law
School, Stanford, California (CFP95); Hal Abelson, MIT, Cambridge,
Massachusetts (CFP96); Kent Walker, Netscape Communication,
Mountain View, California (CFP97); Mark Lemley, University of Texas
School of Law, Austin, Texas (CFP98)



Date: Sun, 10 Jan 1999 22:51:01 CST
From: CuD Moderators 
Subject: File 7--Cu Digest Header Info (unchanged since 10 Jan, 1999)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup:

Or, to subscribe, send post with this in the "Subject:: line:

Send the message to:


The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
(NOTE: The address you unsub must correspond to your From: line)

CuD is readily accessible from the Net:
  UNITED STATES: ( in /pub/CuD/CuD
    Web-accessible from:
         ( in /pub/Publications/CuD/
         in /doc/EFF/Publications/CuD/
  EUROPE: in pub/cud/ (United Kingdom)

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.


End of Computer Underground Digest #11.02

<--">Return to the Cu Digest homepage

Page maintained by: Jim Thomas -