Computer underground Digest Mar 3 1999 Volume 11 : Issue 14

Computer underground Digest    Wed  3 Mar, 1999   Volume 11 : Issue 14
                           ISSN  1004-042X

       Editor: Jim Thomas (cudigest@sun.soci.niu.edu)
       News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu)
       Archivist: Brendan Kehoe
       Commie Radiator:   Etaion Shrdlu, Mssr.
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #11.14 (Wed, 3 Mar, 1999)

File 1--REVIEW: "Countdown Y2K", Peter de Jager/Richard Bergeon
File 2--Cyber Sleuths Have More Than Your Number (TCD fwd)
File 3--Dangers of New Internet Bill (PFAW fwd)
File 4--Bill Lifting Encryption Controls Re-Introduced (CDT fwd)
File 5--SurfWatch blocks the Web's #1 pro-censorware site
File 6--Linkname: LII's Focus on Gambling
File 7--"Cyberporn" Busts: When will they ever learn?
File 8--PGP 6.0.2i now available
File 9--Cu Digest Header Info (unchanged since 10 Jan, 1999)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Thu, 4 Mar 1999 08:29:10 -0800
From: "Rob Slade, doting grandpa of Ryan and Trevor" 
Subject: File 1--REVIEW: "Countdown Y2K", Peter de Jager/Richard Bergeon

BKCNDY2K.RVW   990130

"Countdown Y2K", Peter de Jager/Richard Bergeon, 1999, 0-471-32734-4,
U$29.99/C$46.50
%A   Peter de Jager
%A   Richard Bergeon
%C   5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8
%D   '99
%G   0-471-32734-4
%I   John Wiley & Sons, Inc.
%O   U$29.99/C$46.50 416-236-4433 fax: 416-236-4448 rlangloi@wiley.com
%P   330 p.
%T   "Countdown Y2K: Business Survival Planning for the Year 2000"

The authors have already had one crack at this, since this book is a
"complete update" (according to the publisher) of "Managing 00."  The
level of experience is not exactly evident.

Chapter one is a disorganized aggregation of the various types and
ways that the 2000 year is going to present problems.  (The blame is
once again laid on Hollerith cards.)  It also tries to present an idea
of the size and scope of the crisis by looking at the volume of work
to be done.  Because of the lack of structure, though, the impression
left is generally one of confusion.  It is also rather odd that the
authors did not take the opportunity to present more examples from the
problems that have arisen, and how much work it took to deal with
them.  (Appendix A gives a "case study": of a fictional company.)  The
disarray extends into chapter two with discussions of project 2000
team composition, systems inventories, and a completely bizarre table
of "best before" dates for Microsoft products.  Talk about embedded
systems get really disorienting in chapter three.  We are told "an
aluminum plant began to run amok" (because of leap year, not Y2K) but
without more details it seems likely that this was due to a process
control failure, not an embedded system.  There is also mention of the
failure of older GPS (Global Positioning Systems) in August of 1999,
without mention of the fact that this only coincidentally falls close
to December 31, 1999, and has a different cause.  Chapter four returns
to Y2K projects, with some helpful information.  However, it is also
clear that this material is dated, since it talks about "event
horizons" that have passed for just about everyone.

Y2K is a project, like any other project, and chapters five to seven
basically provide generic project management advice.  Chapter five
looks at macro planning topics.  There is a rehash of prior material
and a bit of a checklist in chapter six.  Personnel issues dominate
chapter seven.

Chapter eight gets into the nitty gritty of conversion with a look at
date formats, coding, and the windowing, bridging, or wrapping
approaches to software fixes.  There is a recommendation to look to
the resources that you have, in terms of general maintenance software,
in chapter nine.  A list of different types of maintenance tools, and
how they can be used for a Y2K project, is in chapter ten.  Chapter
eleven looks at outsourcing and takes a balanced approach, although
its answer to the all important "how to assess" question is a reminder
of that old saw: if you can tell the difference between good advice
and bad advice you don't need any advice.

Chapter twelve is very important to any Y2K plan: how to plan for
failure.  Which deficiency will create the most mess, and what can you
do about it?  Legal problems and lawsuits are overviewed in chapter
thirteen.  For those still needing tools or outsourcing, Appendix B
lists Y2K vendors.  Appendix C provides information on Web sites.  The
bibliography in appendix D is, for once, annotated.  Unfortunately,
when you look at the annotations, they are fairly obviously just
recycled press releases.

Given the fact that the authors have already had one chance at the
subject, and have been at the forefront of publicizing the problem, it
is disappointing that the result isn't of higher quality.  On the
other hand, one cannot say that it is any worse than the others in the
pack.

copyright Robert M. Slade, 1999   BKCNDY2K.RVW   990130

======================
rslade@vcn.bc.ca  rslade@sprint.ca  robertslade@usa.net  p1@canada.com
Find virus, book info http://victoria.tc.ca/techrev/rms.htm
        Mirrored at http://sun.soci.niu.edu/~rslade/rms.htm
        Linked to bookstore at http://www97.pair.com/robslade/
Comp Sec Weekly: http://www.suite101.com/welcome.cfm/computer_security
Robert Slade's Guide to Computer Viruses, 0-387-94663-2 (800-SPRINGER)

------------------------------

From: editor@TELECOM-DIGEST.ORG
Date: Mon, 22 Feb 1999 17:53:05 -0500 (EST)
Subject: File 2--Cyber Sleuths Have More Than Your Number (TCD fwd)

Source: TELECOM Digest    Mon, 22 Feb 99   Volume 19 : Issue 18

((MODERATORS' NOTE:  For those not familiar with Pat Townson's
TELECOM DIGEST, it's an exceptional resource.  From the header
of TcD:
   "TELECOM Digest is an electronic journal devoted mostly but
   not exclusively to telecommunications topics.  It is
   circulated anywhere there is email, in addition to various
   telecom forums on a variety of public service systems and
   networks including Compuserve and America On Line. It is also
   gatewayed to Usenet where it appears as the moderated
   newsgroup 'comp.dcom.telecom'. Subscriptions are available to
   qualified organizations and individual readers. Write and tell
   us how you qualify:
                    * ptownson@massis.lcs.mit.edu * ======"  ))
                       ==================


From--Monty Solomon 
Subject--Cyber Sleuths Have More Than Your Number
Date--Mon, 22 Feb 1999 14:39:39 -0500


http://www.accessatlanta.com/ajc/bigstory/022199/privacy.html

By Andrew Alexander
Cox Washington Bureau

Washington -- "You're kidding!" my wife exclaimed when I told her that
someone had gained access to our private bank records, lifted our
account number and recorded our balance.

There was more.

They had also tracked our recent long-distance calls, identifying
those we had telephoned by name, address and occupation. And they had
compiled dossiers on us, complete with Social Security numbers,
property holdings and financial dealings.

"That's incredible," she said. "How can they do that?"

Easily, it turns out, in the computer age.

"They," I finally confessed, was actually my Cox Newspapers Washington
Bureau colleague Elliot Jaspin, a Pulitzer Prize-winning high-tech
wizard who had delved into our personal lives at my invitation.

He was trying to come up with a way for our reporters to use computer
databases to do background checks on little-known figures who suddenly
break into the news, quickly learning about pending lawsuits or
long-concealed arrests.

Start with only my name, I suggested, and see what you can get.

He hit pay dirt within a few days.

Given more time -- and a little money -- he soon would have been able
to obtain confidential records of my credit card purchases, salary,
stocks, bonds, credit history, life insurance policy, recent air
travel, whether I had ever been nailed for speeding, and even my
medical records going back 10 years.

While the popular notion is that a computer linked to the Internet is
a key that unlocks all kinds of personal secrets, most databases on
the Internet are dull as dishwater.

Switchboard, for example, will allow you to instantly discover Uncle
Edgar's telephone number in Dubuque. But then, calling information
will get you the same thing.

The Internet, however, carries ads for a burgeoning and largely
uncontrolled industry of "information brokers" that -- for a fee --
will reveal the most intimate details of your life, right down to that
birthmark on your backside or ancient records of psychological
treatment.

For fees as low as $40 per search, they will disclose non-published
telephone numbers or track down the owners of private
aircraft. Corporate Investigative Services of Huntsville, Ala., has a
Web site that also allows you to listen to the theme music from
"Mission Impossible" while you link to hundreds of other sites.

Some companies, like AutoTrack, have assembled massive computerized
databases containing several billion public records. Using
sophisticated database software, information is quickly plucked from
scores of different files, and within minutes is woven together into a
report.

AutoTrack files are interesting, but not nearly as revealing as
companies that use what they politely term "pretexts" to shoehorn
information from banks, phone companies and anyone else you may do
business with. The major weapon here is a huckster's patter rather
than a computer.

Judging from information broker ads, everything is up for grabs. That
includes the location of your safe deposit box, your bank deposits
anywhere in the world, and even your bank account history, including
dates and amounts of deposits, checks written or wire transfers.

As privacy expert Robert Ellis Smith of Rhode Island noted, "Every
fact about you is on record somewhere," and information brokers see
that as fair game.  Posing as a forgetful husband, telephone repairman
or bank clerk, a private investigator can often get this information
by outwitting low-level clerks at the phone company or some obscure
branch of a major bank.

There are few laws forbidding disclosure.

"It's our company policy not to release any customer information
without a court order or some legal document," said Sandy Arnette, a
spokeswoman for Bell Atlantic in Baltimore. "But there is no state or
federal law against disclosure."

In fact, the House Banking Committee found only three states --
Connecticut, Illinois and Maine -- with laws making it a crime to
induce an employee of a financial institution to disclose data about a
customer's account. And there are no federal statutes against using
"pretexts" to wangle private data from financial institutions.

Rep. James A. Leach, R-Iowa, chairman of the House Banking Committee,
tried unsuccessfully to get the practice outlawed last year, and he
has introduced the same bill again this year.

But who cares if you have a checking account in Duluth and own 40
acres of scrub land in Texas?

Creditors do.

Banks, who need to collect on bad credit card debts, routinely turn to
lawyers who specialize in collections. And these lawyers, in turn, use
information brokers to find assets they can attach.

"We do a lot of credit card collection. Thousands of cases a week,"
said Mike Martin of Advanced Research Inc.

The American Bankers Association supports Leach's proposed legislation
to outlaw fraudulently obtaining information from banks. But ABA
member banks "hire us to do exactly what it is they're trying to shut
down," Martin said.

Information brokers also will chase deadbeat dads. "Very often, it
gets used for good purposes," private investigator Edmund Pankau of
Houston said.

"Not long ago," he recalled, his firm traced the financial dealings of
a Houston man who had left his family. The information allowed them to
locate the man in another city. "He had skipped out on his ex-wife,"
Pankau said, "but they needed to find him because his daughter needed
a bone marrow transplant and he was the only one who could help."

Some in the press also use information brokers to snoop. Al
Schweitzer, a controversial private investigator -- he pleaded guilty
in 1992 to illegally buying Social Security records -- became a legend
by compiling detailed dossiers on Hollywood stars for the National
Enquirer.

After actor Kiefer Sutherland split from Julia Roberts, Schweitzer
used her phone records to locate him at his ranch in Whitefish,
Mont. He used the same method to track down Marlon Brando's daughter
in Tahiti.

But there is a darker side of riffling through private information.

Federal officials express growing concern about "identity fraud" or
"identity theft," in which a con artist uses purloined personal
financial information to assume your identity, then loots your bank
account or makes costly purchases with your credit card number.

The extent to which Americans are actually harmed by this is unclear.

A report last year by the General Accounting Office, the investigative
arm of Congress, suggests a startling rise in identity fraud. Trans
Union, a leading credit reporting firm, told GAO that the number of
inquiries about credit fraud it receives each year jumped from 35,235
in 1992 to 522,922 in 1997. Two-thirds involved identity fraud.

But in the same report, GAO acknowledged that it could find "no
comprehensive statistics on the prevalence of identity fraud."
Pressured by the Federal Trade Commission and the threat of
restrictive legislation, some large data collection firms have begun
self-regulation. Several such companies represented by the Individual
Reference Services Group recently agreed to abide by rules limiting
unauthorized disclosure of information.

But hundreds of other firms remain essentially unregulated, including
the bulk of information brokers.

A decade ago, only a handful existed. Today, said Evan Hendricks,
editor of the Washington-based Privacy Times newsletter, there may be
as many as 2,000.

The explosion of the Internet and higher-powered computers means we've
entered an era where "nothing is private," Pankau warned.

"I can't think of anything that's private," agreed Smith, who
publishes Privacy Journal, a monthly newsletter that monitors how new
technology affects privacy.

But the extent of actual financial harm is difficult to gauge. My wife
was most troubled by the notion that someone could so easily obtain
information we thought was private. Disclosure, she conceded, does not
automatically mean damage.

"But I would argue that just the mere unauthorized access [to private
information] is one form of harm," Hendricks said, "and psychological
harm is very real."

                      ==================

[TELECOM Digest Editor's Note: The technique called 'pretexts' as well
as what some term 'social engineering' does not work as well as it
used to, but sadly it still works well enough in some companies to
get the information desired.

One of the largest credit bureaus, Trans-Union Credit Information
Corporation, takes the problem of 'social engineering' and 'pretexts'
seriously enough that for a number of years its larger customers --
for example banks and credit card processing centers, or anywhere
there might be several clerks working all day long doing nothing
but pulling credit bureau reports for other departments, etc -- were
supplied with large posters to place on walls in the office which
warned about this problem.

The poster showed a very stern-looking Uncle Sam, with top hat and
appropriately striped trousers, etc. With a frown on his face and
fingers in front of his lips the caption said, 'Please do not violate
our trust in you. You are entrusted with files from the credit bureau
as a specific part of your job. It is against federal law to retrieve
information without a specific and legitimate reason for doing so. It
is against the law to deliberatly place incorrect information in a
bureau file. Both of these crimes are punishable by a fine of up to
XXX dollars, or ten years imprisonment, or both, as a court of law
would direct.

"DO NOT BE DECEIVED by a telephone call you might receive, or a
'favor' asked of you by a co-worker! You will NEVER be contacted by
the credit bureau asking you to reveal a password or information you
saw in a bureau file. If a person claiming to be a superior at your
company calls and tries to get you to provide this type of information
you should disconnect the call and tell your supervisor immediatly.
The executives at your company would never ask you to do something
like that. They would go through 'channels' to obtain the information
they legitimatly need from our files.

"If you would like to talk to us about one of our employees at the
credit bureau or about an incident which happened to you in your
present employment, you can speak with us in confidence by calling
800-xxx-xxxx. No one will ever know you called, and we will take what
actions are needed after our own investigation. THANK YOU FOR KEEPING
THE TRUST WHICH HAS BEEN PLACED IN YOU."

Across the top of the poster in larger block letters, "Uncle Sam
Wants You to Keep the Trust." A most effective poster and constant
reminder (Uncle Sam with pursed lips staring at you all day) that
innocent looking situations could be serious problems. More and more
people are getting wise to this: do not believe what you hear just
because it was said on the phone; stay in control of your phone calls;
never allow a phone caller to pressure you into revealing things. I
am not recommending that when you get a phone call from someone you
have never met before who claims to be in authority that you tell him
he is full of sausage; I am just suggesting that you not be that
concerned about being considered 'uncooperative' or 'antisocial'.
Someone from the 'phone company' will deal with their contact person
at your company, not you. Someone from the credit bureau or the
computer network, etc will deal with their contact at your company,
not you.

And how shall I say this bluntly, yet in a form suitable for this
family-rated e-journal? If you suddenly find yourself with a new
girl friend or a new boy friend as happened to me many years ago
when this new 'friend' discovers that you work for a large credit
card processing center or the credit bureau or a large national ISP
or the phone company/bank/government in a sensitive position, give
careful consideration whether he wants you for your body, your wit
and your charm, or if all that love-bombing, melt in your arms
tenderness is intended as a way to get a bit more. Does he want to
get in your pants, or does he want to get in your desk drawer at
work? . Especially if he already knew about your employment
before he discovered how madly in love he was with you. And before
you unlock that desk drawer at work in exchange for that momentary
fling, consider well what you have to gain, and what you have to
lose. No matter how smart you are, there is always someone smarter
who can catch you at what you did.  PAT]

------------------------------

Date: Thu, 4 Mar 1999 15:52:05 -0500
From: Matthew Gaylor 
Subject: File 3--Dangers of New Internet Bill (PFAW fwd)

<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
People For the American Way Foundation Press Release
<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

FOR IMMEDIATE RELEASE:
Thursday, March 4, 1999
CONTACT: Nancy Coleman, David Elliot or Lela Shepard
at 202-467-4999

INTERNET BILL WOULD FORCE SCHOOLS
AND LIBRARIES TO TRADE CONSTITUTIONAL RIGHTS FOR INTERNET ACCESS AID

Proposed Internet legislation would misuse the power of the federal
government's purse strings to restrict adult and student
Constitutional rights and substitute government-imposed censorship
for the judgment of local parents and teachers on how to manage
online access, People For the American Way Foundation warned today.

In hearings before the Senate Commerce, Science and Transportation
Committee, People For the American Way Foundation's Legal Director
Elliot Mincberg spoke out against such legislation, including S.97,
a bill sponsored by Sen. John McCain (R-AZ) that would require any
school receiving federal discounts for Internet service to impose
censoring software on school computers.

"The Internet offers students, teachers and librarians vast
treasures waiting to be mined," Mincberg said. "It is appropriate
for school officials and parents on a local level to develop
acceptable use policies for accessing the Internet. But it is
entirely inappropriate for the federal government to use the power
of its purse strings to force local schools to accept an onerous
censorship policy."

The 1996 Telecommunications Act requires the federal government to
offer discounted Internet access to schools, a discount called E-
rate access. The proposed legislation would attach unacceptable
string to that aid by focing schools, as a condition of receiving
the discount, to impose censoring filters aimed at blocking material
deemed "harmful to minors."

Mincberg explained that the legislation is misguided for three
reasons. First, the courts consistently have struck down government
attempts to restrict Internet access as violations of the First
Amendment. Second, mandatory filtering requirements would discourage
local officials from developing more sensible and effective
alternatives. And third, federally mandated filtering would lead to
numerous lawsuits across the country and erode local control.

"Mandatory Internet filtering in public libraries and schools,
particularly if mandated by the federal government as a condition on
E-rate access, raises serious legal and constitutional problems and
threatens to frustrate the tremendous potential of the Internet,"
Mincberg testified.

PFAWF has a long history of opposing Internet censorship and served
as co-counsel and co-plaintiff in the Communications Decency Act,
which was struck down by the U.S. Supreme Court in 1997. More
recently, PFAW Foundation represented a group of Loudoun County,
Virginia citizens who successfully challenged a public library
Internet censorship policy in federal court.

======================================================================
PFAWF Press Releases -- http://www.pfaw.org/news/

======================================================================
To subscribe to the People For the American Way Foundation Press Release
distribution list, please sign up for our Activist Network at

http://www.pfaw.org/activist/

or send a message to: majordomo@lists.pfaw.org with the message:

    subscribe pfaw-presslist

------------------------------

Date: Thu, 25 Feb 1999 14:41:31 -0500 (EST)
From: Ari Schwartz 
Subject: File 4--Bill Lifting Encryption Controls Re-Introduced (CDT fwd)

 The Center for Democracy and Technology  /____/     Volume 5, Number 4
 CDT POLICY POST Volume 5, Number 4                   February 25, 1999

(1) BILL LIFTING ENCRYPTION CONTROLS RE-INTRODUCED IN CONGRESS

Reps. Bob Goodlatte (R-VA) and Zoe Lofgren (D-CA), joined by over 200 other
Members of the House of Representatives, today re-introduced the Security
and Freedom through Encryption (SAFE) bill, HR 850.

Like its predecessors in prior years, HR 850 promotes privacy and security
online by lifting export controls on encryption. The bill also affirms the
right of all Americans to use whatever form of encryption they choose and
prohibits the government from imposing domestic controls on encryption
through mandatory "key-escrow" or "backdoor" systems.

The unusually large number of original co-sponsors signing onto the bill at
the outset demonstrates bipartisan opposition to Clinton Administration
policy and widespread support for promoting the availability and use of
strong encryption.  The co-sponsor list includes the entire House Republican
leadership (with the exception of the Speaker who, by tradition, does not
co-sponsor bills), as well as Democratic leaders Richard Gephardt (D-MO)
and David Bonior (D-MI).
   __________________________________________________________
(2) SUMMARY OF SAFE ACT, H.R. 850

* Guarantees all Americans the freedom to use any type of encryption
anywhere in the world, and allows the sale of any type of encryption
domestically.

* Prohibits the government from requiring a backdoor into peoples' email
and computer files ("mandatory key recovery").

* Modernizes U.S. export controls to permit the export of generally available
software and hardware if a product with comparable security is commercially
available from foreign suppliers (creates a level playing field).

* Creates criminal penalties for the knowing and willful use of encryption to
conceal evidence of a crime, BUT specifies that the use of encryption does not
constitute probable cause of a crime.

* Calls upon the Attorney General to compile examples in which encryption has
interfered with law enforcement.

* Calls upon the President to convene international conference to draft
encryption policy agreement.
   _________________________________________________________
(3) BACKGROUND ON ENCRYPTION FIGHT

By the end of the 105th Congress (1997-98), the SAFE bill had 249 co-sponsors
in the House.  The bill was reported with widely divergent amendments by 5
committees: Judiciary, International Relations, National Security,
Intelligence, and Commerce, and was not brought before the full House for a
vote, partly because of the opposition of then-Rules Committee Chairman Gerald
Solomon (R-NY).  Solomon has retired and SAFE Act co-sponsor David Dreier
(R-CA) now chairs the Rules Committee.

A hearing on the SAFE Act has tentatively been scheduled for March 4, before
the House Judiciary Committee's Subcommittee on Courts and Intellectual
Property.

Sen. Conrad Burns (R-MT) has announced plans to introduce in the Senate
similar legislation lifting encryption export controls.

Meanwhile, the Clinton Administration continues to review incremental changes
to the export control regulations. http://www.cdt.org/crypto/admin/index.html

For more information on the SAFE bill, including the text of the legislation
and relevant background information on the encryption policy debate, please
visit CDT's encryption policy issues page at http://www.cdt.org/crypto .

------------------------------

Date: Tue, 02 Mar 1999 12:06:01 -0600
From: Bennett Haselton 
Subject: File 5--SurfWatch blocks the Web's #1 pro-censorware site

The Filtering Facts web site at http://www.filteringfacts.org --
the only non-profit Web site dedicated to promoting mandatory
blocking software in public libraries -- is currently blocked by
SurfWatch.

You can go to 	http://www1.surfwatch.com/testasite/body.html

and type in "http://www.filteringfacts.org/", and the message
appears:

"http://www.filteringfacts.org is BLOCKED by content category
Drugs/Alcohol"

(If you want to see this, you'll probably want to do it quickly
before SurfWatch updates their blocked site list.)

SurfWatch is even one of the seven programs on the official
Filtering Facts list of censorware "recommended for libraries".
Filtering Facts is a site established in 1997 to promote
censorware in libraries, funded by the Family Research Council
and Enough is Enough.

SurfWatch says in their press materials that every URL is
reviewed by a human being before being added to their database:

	http://www1.surfwatch.com/about/body-filter.html:

"Before adding any site to our database, each site 'candidate' is
reviewed by a SurfWatch Content Specialist. Deciphering the gray
areas is not something that we trust to technology; it requires
thought and sometimes discussion. We use technology to help find
site candidates, but rely on thoughtful analysis for the final
decision."

------------------------------

Date: Sun, 28 Feb 1999 15:35:34 -0600 (CST)
From: Jim Thomas 
Subject: File 6--Linkname: LII's Focus on Gambling

((CuD Moderator's note: A reader sent over the following
URL. Given the increased concern over Internet gambling,
some readers might the linked article of interest. We include
a short excerpt. The fill article is worth a look)).
   Linkname: LII's Focus on Gambling
        URL: http://www.law.cornell.edu/background/gambling/

    The LII
   LII Backgrounder on Gambling

     Online gambling revenues in 1998 are expected to be $535 million,
     rising to $955 million in 1999 and $2.3 billion by 2000.

     --ZDNN, "Online Gambling a $10B Industry"

   I. Introduction

   The popularity explosion and information revolution fueling the
   Internet and World Wide Web in the mid-1990's created both brand-new
   industries and reinvented old ones.  Secure transmission technologies
   and the credit card combined to fashion a powerful lure for the online
   consumer.  Internet transactions for goods and services, once
   considered risky propositions, are now commonplace, as seen in the
   success of Amazon.com and eBay.  The very same factors that have led
   to growth in online consumer transactions, combined with the
   unregulated nature of the Internet, have attracted commercial online
   gambling.

   Gambling, though widespread in the United States, is subject to
   legislation at both the state and federal level that bans it from
   certain areas, limits the means and types of gambling, and regulates
   the activity in countless other ways.

   A standard strategy for avoiding laws that prohibit, constrain, or
   aggressively tax gambling is to locate the activity just outside the
   jurisdiction that enforces them in a more "gambling friendly" legal
   environment. Gambling establishments are often found near state
   borders and on ships that cruise outside territorial waters. They have
   exploded, in recent years, in Indian territory. Internet-based
   gambling takes this strategy and extends it to a totally new level of
   penetration, for it threatens to bring gambling directly into homes
   and businesses in localities where the same activity could not be
   conducted by a physical gambling establishment.

   Online gambling appears to represent a complete end-run around both
   government control and prohibition.  A site operator need only
   establish itself in a friendly offshore jurisdiction,  such as the
   Bahamas, and begin taking bets.  Anyone with access to a web browser
   can find the site and place wagers by credit card.  Confronted with
   this blatant challenge to local policies, regulators and lawmakers
   have begun to explore the applicability of current law and the
   desirability of new regulation to online gambling. The issues include
   whether a person, located in a state that prohibits commercial
   gambling and accessing an offshore Internet site from a home-computer,
   violates either state or Federal law and further whether the site
   operator is as well?



------------------------------

Date: Sun, 28 Feb 1999 15:35:34 -0600 (CST)
From: Jim Thomas 
Subject: File 7--"Cyberporn" Busts: When will they ever learn?

((CuD MODERATORS' NOTE:  From the "When will they ever learn"
department: The following two snippets from the Chicago Tribune
reaffirm our belief in social Darwinism. With chat rooms swarming
with undercover cyber-police and other net-monitors, the "kiddie
sting" seems to get 'em every time. Or, at least often enough
that you'd think that online predators would eventually catch
on.))

 ===========

NEW LENOX MAN JAILED IN PORN CASE
The Chicago Tribune, 24 February, 1999
By Stanley Ziemba, Tribune Staff Writer.

   A 35-year-old New Lenox man was being held Tuesday in the Will
County Jail on a charge of disseminating child pornography over
the Internet.
   Steven F. Bauer of the 1500 block of Cimmeron Drive was
arrested Monday in the Oakbrook Center shopping mall by Oak Brook
police and members of the Illinois Internet Child Exploitation
Task Force.
   According to a spokesman for Illinois Atty. Gen. Jim Ryan,
Bauer went to the mall thinking he was about to meet a
13-year-old girl to whom he allegedly had sent pornographic
material over the Internet and with whom he allegedly had
arranged a meeting through an Internet chat room.
   But Bauer's contact was a member of the Internet Child
Exploitation Task Force posing as a child, spokesman Charles
Jolie said.



   =========

(And from CuD's own home town):

4-YEAR SENTENCE FOR MAN IN INTERNET SEX-ABUSE CASE
Chicago Tribune, February 19, 1999
By Abdon M. Pallasch, Tribune Staff Writer.

   The first of four men caught last year in the Lake County
Sheriff Department's investigation of men seeking underage sex
partners on the Internet was sentenced Thursday to 4 years in
prison.

   Richard Patterson, 28, of Wonder Lake in McHenry County, drove
to Gurnee Mills mall in June to meet what he thought would be a
15-year-old boy named Rob he had met on the Internet.

   "Rob" turned out to be Sheriff's Deputy Rick White. Patterson
was convicted last month of attempted aggravated criminal sexual
abuse.



   The next of the four men netted by White for attempting to
pick up young men over the Internet, Douglas Scott, 34, of
Sycamore in DeKalb County, is set to be sentenced Monday after
being convicted in December on charges of attempted indecent
solicitation of a minor, among other charges.

   The others charged in the investigation, David Fredericks, 34,
of Richmond in McHenry County, and Michael H. Bailey, 45, of
Bartlett, are awaiting trial.

------------------------------

Date: Thu, 25 Feb 1999 08:30:11 -0500
From: Udhay Shankar N 
Subject: File 8--PGP 6.0.2i now available

(If you are receiving this a second time, apologies)

The latest international version of PGP, version 6.0.2i, is now
available for download from http://www.pgpi.com. It includes the
ability to encrypt a portion of your local hard drive (create a
virtual encrypted volume) and to attach photographs to public keys,
among other new features.

------------------------------

Date: Sun, 10 Jan 1999 22:51:01 CST
From: CuD Moderators 
Subject: File 9--Cu Digest Header Info (unchanged since 10 Jan, 1999)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

     SUBSCRIBE CU-DIGEST
Send the message to:   cu-digest-request@weber.ucsd.edu

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message:   UNSUB CU-DIGEST
Send it to  CU-DIGEST-REQUEST@WEBER.UCSD.EDU
(NOTE: The address you unsub must correspond to your From: line)

CuD is readily accessible from the Net:
  UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
    Web-accessible from: http://www.etext.org/CuD/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         ftp.warwick.ac.uk in pub/cud/ (United Kingdom)


The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
  URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #11.14
************************************

<--">Return to the Cu Digest homepage

Page maintained by: Jim Thomas - cudigest@sun.soci.niu.edu