CRYPT NEWSLETTER 46
January 1998

Editor: George Smith, Ph.D.
INTERNET: 70743.1711@compuserve.com
          crypt@sun.soci.niu.edu
http://www.soci.niu.edu/~crypt

Mail to:
Crypt Newsletter
1635 Wagner St.
Pasadena, CA 91106
ph: 626-568-1748


Who reads Crypt Newsletter:
==========================

The great majority of Crypt Newsletter readers do it on company
time.  While there are accesses at all hours, heaviest usage and
downloading of current issues occurs during U.S. business hours,
beginning at around 7:30 EST and continuing to 4:40 Pacific time.

Readers of Crypt Newsletter log in monthly from organizations like
Lucent Technologies, Loral, Lockheed, MITRE Corporation, MITRE Technology,
NASA-JPL, Midwest Research Institute, Electronic Data Systems, Intel,
Digital, CSIRO, Science Applications, Unisys, the World Bank, Fujitsu,
DuPont, the Securities and Exchange Commission, Boeing, FermiLab, the US
Dept. of the Treasury, the Department of Energy, the US
Naval Undersea Warfare Center, the EPA [?!], Disney [?!?], Oak
Ridge National Lab, Argonne Laboratory, Lawrence Berkeley, Vandenberg
AFB, China Lake Naval Weapons Research, the SPAWAR Submarine Command Office,
the Pentagon and many anonymous U.S. military Internet domains that refuse
open telnet connections and "finger" queries.  Others log in from media
organizations like the BBC, The Bloomberg Business News Service, New York
Times, the Sacramento Bee, various newspapers from the hinterlands,
Federal Computer Week, The Net magazine, and The Age, too.

Crypt Newsletter articles may not be copied or reproduced in or on other
media, on CD-ROM collections of data, or offered - in part or in toto - as
part of any database, data survey, information or research service
without prior consent of the editor. Rates based on word count are
reasonable. Queries by e-mail are welcome.


┌─────────────────────────────────────┐
│ Contents: Crypt Newsletter #46      │
└─────────────────────────────────────┘

 THIS ISSUE

NEWS
Air Force investigators crap out in trial of U.K. hacker
Cold War spooks witlessly developed computer viruses
Technoquack: Disney's Danny Hillis
Book Review: O'Reilly's "Internet In a Nutshell"
The Joseph K Guide to Tech Terminology: consultant,
cutting edge, libertarian, Netizen
Letters: The Fabulous Furry Freak Brothers, Iman de Excremento
and Virus Hoaxes: mental elixirs for paranoid schizophrenics
MISCELLANY
  Credits/Acknowledgment


AIR FORCE INVESTIGATIVE OFFICE DEEMED INCOMPETENT DURING ROME LABS 'INFO-WAR' BREAK-IN

"The cream of US military intelligence last week had their bungled attempt to prosecute a bedroom hacker thrown out by a British court," screamed the lead of a November 28, 1997 piece in the United Kingdom newspaper, The Guardian.

Even as the President's Commission on Critical Infrastructure Protection was spinning yet more scenarios of imminent techno-Gotterdammerung, the wheels were coming off one of the U.S. military's most extensive public relations campaigns. Aimed at creating the image of menacing hackers in the employ of foreign powers, U.S. Air Force claims fell apart in English court, out of sight of the U.S. newsmedia as the U.K. press looked on and smirked.

Matthew Bevan, 23, a hacker known as Kuji, walked out of a south London Crown Court a free man as prosecutors confessed it wasn't worth trying him on the basis of flimsy claims made by the U.S. military. Further, he was deemed no threat to national computer security.

Since 1994, the U.S. government has used Bevan, and a younger partner, Richard Pryce, in reports by the Air Force, the Government Accounting Office, the Pentagon's Defense Science Board report on information warfare and the recent Marsh Commission, on the dangers posed by international terrorists using the worldwide computer networks to attack the United States.

". . . [the] story of the Bevan and Pryce cases shows [the Air Force's] forensic work to have been so poor it would have been unlikely to have stood up in court and convicted Bevan. The public portrayal of the two Britons as major threats to U.S. national security was pure hype," wrote Duncan Campbell for The Guardian.

However, events really began in 1994, when the two young men broke into an Air Force installation known as Rome Labs, a facility at the now closed Griffiss Air Force Base, in New York. This break-in became the centerpiece of a Government Accounting Office report on network intrusions at the Department of Defense in 1996 and also constituted the meat of a report entitled "Security and Cyberspace" by Dan Gelber and Jim Christy, presented to the Senate Permanent Subcommittee on Investigations during hearings on hacker break-ins the same year. It is interesting to note that Christy, the Air Force Office of Special Investigations staffer/author of this report, was never at Rome while the break-ins were being monitored.

Before delving into this in detail, it's interesting to read what a British newspaper published about Richard Pryce, known as Datastream Cowboy, then seventeen, about a year before he was made the poster boy by the GAO.

In a brief article, blessedly so in contrast to the reams of propaganda published on the incident for Congress, the July 5, 1995 edition of The Independent wrote, "[Datastream Cowboy] appeared before Bow Street magistrates yesterday charged with unlawfully gaining access to a series of American defense computers. Richard Pryce, who was 16 at the time of the alleged offences, is accused of accessing key U.S. Air Force systems and a network owned by Lockheed, the missile and aircraft manufacturers."

Pryce, a resident of a northwest suburb of London, was charged with 12 separate offenses under the British Computer Misuse Act. He was arrested on May 12, 1994, by New Scotland Yard. The Times of London reported when police came for Pryce, they found him at his PC on the third floor of his family's house. Knowing he was about to be arrested, he "curled up on the floor and cried."

The Air Force's tracking of Pryce, and to a lesser extent, Bevan, was recounted in an eight page appendix to Gelber's and Christy's "Security and Cyberspace," entitled "The Case Study: Rome Laboratory, Griffiss Air Force Base, NY Intrusion."

Pryce's entry into Air Force computers was originally noticed on March 28, 1994, when personnel discovered a sniffer program he had installed on one of the Air Force systems in Rome. The Defense Information System Agency (DISA) was notified. DISA subsequently called the Air Force Office of Special Investigations (AFOSI) at the Air Force Information Warfare Center (AFIWC) in San Antonio, Texas. AFIWC then sent a team to Rome to appraise the break-in, secure the system and trace those responsible. During the process, the AFIWC team of computer scientists -- not AFOSI investigators, a point not clearly made by the Air Force authors and one that becomes more important upon viewing the fallout and repercussions of the case -- discovered Datastream Cowboy had entered the Rome Air Force computers for the first time on March 25. Passwords had been compromised, electronic mail read and deleted and unclassified "battlefield simulation" data copied off the facility. The Rome network was also used as a staging area for penetration of other systems on the Internet.

Air Force personnel initially traced the break-in back one step to the New York City provider, Mindvox. According to the Christy report, this put the NYC provider under suspicion because "newspaper articles" said Mindvox's computer security was furnished by two "former Legion of Doom members." "The Legion of Doom is a loose-knit computer hacker group which had several members convicted for intrusions into corporate telephone switches in 1990 and 1991," wrote Gelber and Christy.

The Air Force then got permission to begin monitoring -- the equivalent of wiretapping -- all communications on the Rome Labs network. Limited observation of other Internet providers being used during the break-in was conducted from the Rome facilities. Monitoring told the investigators the handles of hackers involved in the break-in were Datastream Cowboy and Kuji.

Since the monitoring was of limited value in determining the whereabouts of Datastream Cowboy and Kuji, investigators resorted to "their human intelligence network of informants, i.e., stool pigeons, that 'surf the Internet.'" Gossip from one 'Net stoolie to Air Force investigators uncovered that Datastream Cowboy -- [Richard Pryce] -- was from Britain. The anonymous source said he had e-mail correspondence with Datastream Cowboy in which the hacker said he was a 16-year old living in England who enjoyed penetrating ".MIL" systems. Datastream Cowboy also apparently ran a bulletin board system and gave the telephone number to the AFOSI source.

The Air Force team contacted New Scotland Yard and the British law enforcement agency identified the residence, the home of Richard Pryce, which corresponded to Datastream Cowboy's system phone number. English authorities began observing Pryce's phone calls and noticed he was making fraudulent use of British Telecom. In addition, whenever intrusions at the Air Force network in Rome occurred, Pryce's number was seen to be making illegal calls out of Britain.

Pryce travelled everywhere on the Internet, going through South America, multiple countries in Europe and Mexico, occasionally entering the Rome network. From Air Force computers, he would enter systems at Jet Propulsion Laboratory in Pasadena, California, and the Goddard Space Flight Center in Greenbelt, Maryland. Since Pryce was, according to Air Force investigators, capturing the logins and passwords of the networks in Rome Labs, he was then able to get into the home systems of Rome network users, defense contractors like Lockheed.

By mid-April of 1994 the Air Force was monitoring other systems being used by the British hackers. On the 14th of the month, Kuji logged on to the Goddard Space Center from a system in Latvia and copied data from it to the Baltic country. According to Gelber's report, the Air Force observers assumed the worst, that it was a sign that someone in an eastern European country was making a grab for sensitive information. They broke the connection but not before Kuji had copied files off the Goddard system. As it turned out, the Latvian computer was just another system the British hackers were using as a stepping stone; Pryce had also used it to cover his tracks when penetrating networks at Wright-Patterson Air Force Base in Ohio, via an intermediate system in Seattle, cyberspace.com.

The next day, according to the AFOSI report, Kuji was again observed trying to probe various systems at NATO in Brussels and The Hague as well as Wright-Patterson. On the 19th, Datastream Cowboy successfully returned to NATO systems in The Hague through Mindvox. The point Gelber and Christy were laboriously trying to make was that Kuji -- Matthew Bevan -- a 21-year old, was coaching Pryce during some of his attacks on various systems.

By this point, New Scotland Yard had a search warrant for Pryce with the plan being to swoop down on him the next time he accessed the Air Force network in Rome.

In April, Datastream Cowboy penetrated a system on the Korean peninsula and copied material off a facility called the Korean Atomic Research Institute to an Air Force computer in Rome. At the time, the investigators had no idea whether the system was in North or South Korea. The impression created was one of hysteria and confusion at Rome. There was fear that the system, if in North Korea, would trigger an international incident, with the hack interpreted as an "aggressive act of war." The system turned out to be in South Korea.

It's worth noting that while the story was portrayed as the work of an anonymous hacker, New Scotland Yard already had a suspect. Further, according to Gelber's and Christy's report, English authorities already had a search warrant for Pryce's house.

On May 12, British authorities pounced. Pryce was arrested and his residence searched. He crumbled, according to the Times of London, and began to cry. Gelber and Christy write that Pryce promptly admitted to the Air Force break-ins as well as others. Pryce confessed he had copied a large program that used artificial intelligence to construct theoretical Air Orders of Battle from an Air Force computer to Mindvox and left it there because of its great size, 3-4 megabytes. Pryce paid for his Internet service with a fraudulent credit card number. At the time, the investigators were unable to find out the name and whereabouts of Kuji. A lead to an Australian underground bulletin board system yielded nothing.

On June 23 of 1996, Reuters reported that Matthew Bevan had been arrested and also charged in connection with the 1994 Air Force break-ins in Rome.

Bevan was found in the same low-tech manner as Pryce. His phone number was eventually lifted by Scotland Yard from Pryce's seized PC. "Had it not been for Scotland Yard, the relatively innocuous Pryce and Bevan would never have been found and the U.S. Senate would still be hearing about cyberterrorists from faraway lands," wrote the Guardian's reporter.

Lacking much evidence for conspiratorial computer-waged campaigns of terror and chaos against the U.S., the makers of Congressional reports nevertheless resorted to telling the same story over and over in 1996, three times in the space of the hearings on the subject.

As a result, Pryce and Bevan appeared in "Security in Cyberspace" and twice in Government Accounting Office reports AIMD-96-84 and T-AIMD96-92 in 1996, which were essentially rewritten versions of the former with additional editorializing.

Jack Brock, the author of these now famous GAO reports on hacker intrusions at the Department of Defense wrote, ". . . Air Force officials told us that at least one of the hackers [of Rome Labs] may have been working for a foreign country interested in obtaining military research data or areas in which the Air Force was conducting advanced research."

This was not even close to the truth.

[Alert Crypt Newsletter readers will recall Mr. Brock was a nominee in the 1996 Computer Virus Hysteria Awards.]

But what were Bevan and Pryce really after?

Not Air Force advanced research! Unless . . . you are one of those who are convinced the U.S. military is really hiding a flying saucer at Area 51 in Nevada. According to the Guardian account, Matthew Bevan was interested in little but gathering evidence confirming that Area 51 was a secret hangar for captured alien spacecraft.

The Guardian news report was also extremely critical of Air Force computer scientist Kevin Ziese.

Ziese, said the Guardian, "led a six-strong team [from San Antonio] whose members, or so he told Fortune magazine, slept under their desks for three weeks, hacking backwards until Pryce was arrested."

"Since then, Ziese has hit the US lecture circuit and [privatized] his infowar business. As the WheelGroup corporation of San Antonio, he now sells friendly hacking services to top U.S. corporations," reported the Guardian.

However, while the Guardian was accurate in its assessment of the trivial menace of Bevan and Pryce, it was off in its characterization of Ziese, missing the real target -- investigators from AFOSI and the authors of the Gelber/Christy report, according to information supplied in interviews with Ziese.

Ziese commented to Crypt Newsletter that he "[had] not hit the lecture circuit." He added that he was amused by the content of the article in the Guardian and that "to date, no one has ever asked me even one question -- beyond my initial deposition to New Scotland Yard in 1996 -- regarding the Rome Lab case!"

Digging more deeply into the story, the evidence gathered on the Rome Labs break-in can be separated into two distinct classes. "The first," said Ziese, "[was] the deposition I gave sometime in and about May of 1996 to New Scotland Yard." The second is the same shopworn story the "extremely incompetent criminal investigators had gathered originally," he added.

It was the investigators from the Air Force Office of Special Investigations, not the group of computer scientists from the Air Force's Information Warfare Center in San Antonio -- which Ziese led -- who peddled the Rome Labs break-in as evidence of international spying.

"Unbeknownst to the public at large, we had a very complete set of tools [and a] chronology," said Ziese. "It was the criminal investigators who tied our hands, lost critical pieces of data and refused to allow us to testify/discuss the case. They wanted to make a mountain out of a molehill."

In this, they were successful.

". . . it was incompetent criminal investigators who saw a spy under every rock," Ziese continued, "not the computer scientists I brought with me to Rome." AFOSI was responsible for the "hogwash that has been published to date about the Rome Lab attacks."

By the English account, the evidence submitted by the U.S. military investigative team was almost worthless: "[E-mails] of edited files that had been relayed to Ziese and others."

A desire for secrecy also backfired on the Air Force. In May of this year, the Air Force declined to allow Bevan's defense to look at the test programs they claimed to have used to monitor his intrusions and " . . . having set traps to catch hackers, [the Air Force] neglected to produce before and after file dumps of the target computers."

The result was: "In the end, all the Americans handed over was patchy and circumstantial evidence that their computers had been hacked from Britain."

In March of this year, Richard Pryce -- now 19 -- was fined 1,200 pounds for offenses related to unauthorized access in connection with the break-ins at Rome Labs.


In sort of related news:

About the same time the wheels were coming off the Rome Labs myth, a similar fate was being meted out to the hoary tale of electromagnetic pulse gun attacks on banks in the United Kingdom.

Alert Crypt Newsletter readers already know the publication has dissed the legend of the non-nuclear electromagnetic pulse (HERF, microwave, radio frequency) gun as the chupacabras of cyberspace for the last two years.

On December 4, a British journalist for TechWeb dubbed them the same.

These stories are nonsense, said Michael Corcoran of Britain's Defense Evaluation and Research Agency, for TechWeb. "There are no radio-frequency weapons out there that anyone is in a position to use against banks." Corcoran then waffled for the publication and equivocated that they might be sometime in the future.


CRETINS IN KGB & THE US MILITARY AND THE WASTE OF TIME DEVELOPING COMPUTER VIRUSES AS WEAPONS

Late November saw a brief report on computer viruses as weapons inspired by NBC News' correspondent Robert Windrem's recovery of a declassified copy of a report named "Nonlethal Information Effectors Worldwide." In it, the KGB was said to be developing computer viruses for use as weapons as early as 1991. In addition, the Cuban Military Intelligence Directive spent the, ah, princely sum of $5,000 for collection of open source information on computer viruses.

Superficially, the news appears menacing. However, without context intelligence is meaningless.

You see, the U.S. military was in the same game. And it would be naive to assume the Russians and Cubans didn't notice.

The U.S. Army Center for Signals Warfare solicited for computer virus developers in the open literature in 1991. Army rep Bob Hein said of the solicitation, "This is the Army. We're in the weapons business." The Bulletin of Atomic Scientists and Technology Review magazines both covered the call briefly but the announcement was common knowledge in computer security circles, even sparking a brief debate on the Usenet.

So why did the Army want computer viruses? Not to study them because computer viruses weren't that hard to find at the time. There were already two books in print that included complete source code to them. (Indeed, the author of one of the books, Mark Ludwig, has also commented that he developed computer viruses for the American military around the same time.) However, the truth be told, it wasn't even necessary to purchase such a book. Live virus samples and the source code to them were available on private BBSes throughout the U.S. and in a number of foreign countries, including a handful in the Soviet sphere.

By 1993 the U.S. Department of Treasury's Automated Information Systems Security Branch bulletin board system even had computer virus source code and virus-making kits on it for examination by callers, usually computer security types. However, the BBS was open to anyone, even overseas callers. The idea was to grant access to those who needed it most -- institutional and corporate information technology workers -- the same types of people who were least likely to dive into the warren of underground BBSes looking for virus samples. To say this was a controversial idea would be understating the case. The system came under increasing scrutiny and eventually the section of it devoted to hacker tools and malicious code was closed.

What is remarkable is that it would be classified information -- unless purely to protect sources -- that the Cubans spent even as much as $5,000 trying to secure computer viruses. Even by the miserly standards of the computer underground, $5,000 was the equivalent of buying a pig-in-a-poke and a strong indicator that intelligence analysts were presenting material out of context or those directing such a program were close to incompetent. Virus-writers and collectors in America were selling thousands of computer viruses on diskette collections for much less -- the going price was usually around $100 -- through the early part of the decade. Many such collections went overseas. Others were imported in a brisk electronic trade. Often, a collection selling for $100 one day, would be given away for free the next. Most could be had by calling BBSes maintained by various computer virus salesmen. The expenses in an operation aimed at collecting computer viruses would be incurred from long distance tolls. Today, with the same collections on assorted Internet hosts worldwide, even that minimal cost has fallen by the wayside.

In 1997, it is only surprising that people in the intelligence apparatus at one time considered this type of information worthy of classification. It was only eye-opening to people who don't know about the history of computer viruses. And since there are now thousands of computer viruses, it's not hard to find Websites that offer sizeable collections of them to anyone who happens along.

However, by 1992 there was already a noticeable load of computer virus infections on government, military and corporate computers at any one time. How would one have distinguished an attack from Cuba or the KGB from such noise? And further, how would any such organization deploying computer viruses know it had achieved something, or any kind of effect, before its viruses were eliminated?

From a technical standpoint, this is so simply because viruses don't make good weapons. By definition they're unguided and the spread of them is largely unpredictable once out of the hands of the people who develop them. There have always been trivial attempts (the programmers, typically, would call them sophisticated) to design viruses that are guided or controlled in some manner. Such examples are notable only for the spectacular mistakes often coded into them.

It is easy to imagine our own military or a foreign power with a bunch of secretive kooks releasing computer viruses in an information warfare attack becoming even more a victim than the intended target. Viruses easily cross borders and typically don't distinguish between the PCs they infect. They are not much like the computer viruses depicted in movies or science fiction novels: dependable workhorses that have an anthropomorphic quality even as they go about crashing the villain's or the hero's network.

So, the KGB employed computer virus writers in 1991? Big deal. There were already pro bono virus writers in Russia, as there were in the U.S.


Notes: But you would already know this if you had read "The Virus Creation Labs."


TECHNOQUACK OF THE MONTH [Yes, still another in an infrequent but popular Crypt Newsletter series.]

technoquack: an individual, e.g. a consultant or computer scientist, who specializes in mentufactury -- the generation of gratuitously stupid, insane and/or incomprehensible claims about future technology.

Usage: The technoquack from the MIT Media Lab enjoyed vexing people with periodic declarations that Americans would eventually harvest gasoline from trees in their backyard.

Daniel Hillis is this month's technoquack for a series of stupefying quotes printed in the December 18 Opinion section of the Los Angeles Times.

Hillis, a computer scientist who works at the, ahem, well-known molecular biology research firm, Disney, in Glendale, California, gave readers his thoughts on the future of biotechnology. Hillis, a product of MIT's Media Lab, was also said to have invented a computer out of tinker-toys, one perhaps capable of besting lab staffers at tick-tack-toe.

Quotes:

"I'm as fond of my body as anyone else, but if I can be 200 with a body of silicon, I'll take it."

"We may grow telephones, but manufacture cabbage."

"[We may develop] a tree which has gasoline or kerosene as its sap."

"My scientific friends accuse me of being a mystic . . ."

"Maybe you'll plant a house, let it grow, and then move into it."


O'REILLY'S 'INTERNET IN A NUTSHELL'

"NOT FOR RESALE" states a baleful looking orange sticker on Crypt Newsletter's review copy of "Internet In a Nutshell" by Valerie Quercia.

O'Reilly doesn't have to worry. Crypt will be in the ground and gone to the worms for six years before anyone gets rights to this book.

Why does Crypt News like it?

Well, Quercia's volume is perfect for tossing at the bumpkins. You know them: The endless stream of users -- some new, some not so new -- found fumbling around in cyberspace and clogging up the bandwidth with witless questions about cookie files, Internet Explorer and the Usenet. If you're like me, you gave up talking to these people two years ago just to preserve your own sanity. In fact, should you be one of those still required by corporate edict to cater to them, "Internet In a Nutshell" is the perfect shield. If someone can't understand this book -- or paraphrased explanations drafted from it -- they're either ready for some corporate restructuring or the landfill.

And unlike the vast majority of Internet how-to's, "Internet In a Nutshell" isn't loaded down with cute jokes, pandering tone or the annoying attitude that anyone with enough wit to access a non-commercial Net site must qualify as a baseball cap-wearing computer nerd.

O'Reilly's "Internet In a Nutshell" -- 431 pages at about $20 cash money: perfect Net remedies for those not desirous of 50 percent warm fuzzy content.


ADDITIONS TO THE JOSEPH K GUIDE TO TECH TERMINOLOGY: Another brief in a very popular Crypt Newsletter continuing feature.

consultant: U.S. Department of Defense or civil service free-lancer usually involved in a conflict of interest; or, a recently downsized employee of corporate America.

Usage: The consultant from Science Applications International Corporation enjoyed writing policy papers for the Pentagon's Joint Chiefs which always cleverly ensured more DoD business for his firm.

Usage: Two years after being downsized by Acme Data Systems, Scroggins' carefree life as an Internet consultant came to an end when he declared bankruptcy, was divorced by his wife and lost visitation rights to his children.


cutting edge: hackneyed usage meant to convey a quality of hipness and intellectual excellence but, instead, standing for quite the opposite.

Usage: One editor at a stodgy newspaper declared his business and technology section cutting edge even though everyone knew it was only a forum for billionaire hagiography and rewritten press releases issued by corporate America.


libertarian: once a handy political label for those who believe in free markets and personal liberty; now a handy marketing tool for those who wish to lower taxes, disarm government employees and spend large amounts of money on anything published by Wired Ventures, Inc.

Usage: The mighty publisher of WIRED magazine galvanized a phalanx of Net libertarians into sending a million electronic mails to Congress in protest of Net censorship -- where they were immediately deleted, unread, by college interns.


Netizen: formerly, a term meaning citizen of the Net; now, an overused, unintentional pejorative describing a group of annoying computing technology-obsessed, mostly white, mostly male, blowhards.

Usage: Netizen Kane stamped his foot in glee as he used his skills in PC automation to send 1,000 e-mail copies of a windy, libertarian rant to Congressmen, the President and the press, where it was subsequently deleted, unread, by college interns.


Yes, you can contribute to the Joseph K Guide without fear of professional retribution or stain upon your reputation. Send your suggestions, definitions or usages to Crypt Newsletter!


LETTERS
=======

THE FABULOUS FURRY FREAK BROTHERS AND HUDSON INSTITUTE INFO-WAR
RESEARCH

Crypt:  
  
Having read Mary C. Fitzgerald's comments in Crypt Newsletter 45, I am 
reminded of the fable about the emperor's new clothes.  Obviously, the 
fabric of her info-war paper is of too high a quality to be appreciated 
by such unrefined characters as you and I.

But it reminds me even more of this Fabulous Furry Freak Brothers tale.  

The DEA has big bucks to blow, so Norbert the Nark is given $800,000 to 
get anti-drug consultants at the neighborhood level.  Fat Freddy gets 
wind of this and becomes an expert on all drugs, including one called
"squeak."  Freddy finagles Norbert into financing an anti-"squeak" 
campaign.  He does this so well that he is given awards and political 
consideration for his success in stamping out "squeak," even though 
there is no such thing.  Freddy's friends Phineas and Freewheeling 
Frank destroy his political ambitions by breaking into an awards ceremony 
and pointing out there are no laws against "squeak."  They make big 
bucks by selling everybody powdered sugar in the guise of "squeak." 
(Norbert gets a 1000 hits of LSD mixed with elephant laxative!).  

Too bad Mary C. Fitzgerald's story can't end the same way!

Frank
U.S. Department of Agriculture


IMAN DE EXCREMENTO: PLAGUED BY MACRO VIRUS _AND_ HOAX INFECTIONS  

Crypt:

The NASA computer virus infection was caused by the SWLAB.G macro virus.  
Norton Anti-virus, NASA JSC's -- Jack Garman's -- anti-virus of choice, 
could have detected and stopped it if we had updated the definition files. 
The primary result of the episode is that Microsoft's SMS -- another 
Garman winner -- now updates the definitions for you on machine start up.  
A secondary result was an unfortunate blizzard of e-mails warning of Join 
the Crew and the usual virus hoaxes followed by still another blizzard of 
managerial-type lecturing on viruses. St. Dogbert exorcising the demons 
of stupidity would have been more useful.

Unfortunately, I'm a SAICer, sold to them by Lockheed-Martin after a 
George Abbey threat, but I think I have less respect for them than you 
do.

Keep up the good work,

Bemused at NASA


PARANOID SCHIZOPHRENIC SECRET AGENT IN US ARMY ENCHANTED BY
GULF WAR VIRUS HOAX

Crypt:

For whatever it may be worth, I can positively identify one 
person taking credit for one of the flavors of the Gulf War virus 
hoax.

Staff Sergeant X -- use whatever pseudonym you like -- worked for 
me during my recent stint as the chief information officer of a small 
Army hospital. X had been transferred from Korea to the U.S. to undergo 
a medical review board. The Army was to decide if his health was 
adequate to allow him to remain on active duty. 

Since X seemed PC literate, the hospital's Medical Hold Division assigned 
him to my Information Management Division to help augment my meager 
technical staff.

X was very sharp with basic PC repair and claimed to be experienced
in Netware 3.X administration. In fact, after a few months of generic PC
work, his claims went from impressive to ludicrous:

He claimed to have started his Federal career as a "secret agent"
for the NSA and, later, the DEA.

He claimed to have been part of the "secret military team" that
wrote and deployed the virus that took out the Iraqi air defense alert
system.

He claimed that a U.S. "attack virus" that he worked on was
designed to hide in "any computer's VRAM, regardless of platform" and
cause a buildup of electricity that resulted in a lethal
explosion.

Sound familiar?

Mind you, he wasn't re-telling tales found in the mail. He insisted --
quite seriously -- that he was responsible for it all.

It took a while to catch onto it because he'd leak anecdotes to
different employees at different times,  inserting them into
conversations where they fit with the topic. 

Of my staff of fourteen, half weren't computer savvy at all
but X limited his bragging to the system administrators and
technicians, anyway. Ironically, THEY bought his stories
because they were all Civil Service civilians and were perfectly
willing to believe that the military and intelligence communities
were capable of anything. He was wearing a uniform,
after all . . .

My only other military staff members were a brand-new lieutenant
-- who meant well, but had no clue whatsoever -- and a sly old
Chief Warrant Officer who didn't believe a word the man said -- and
didn't care.

About eight months into his tour with our department, he wandered
into a senior colonel's office and casually mentioned that one of my 
system administrators was spying on his "secret dossier at the NSA." 
Then he suggested that the NSA had authorized him to assassinate the 
co-worker to cover up the "intrusion."

The modern Army is more tolerant of individual idiosyncrasies than it
used to be, but it ain't that tolerant.

X was quickly run through the psych mill and pronounced a "paranoid
schizophrenic living in a complete fantasy world." The examining doctor
went on to suggest that X was probably harmless so long as you
didn't question his delusions.

While I don't believe that he or anyone else actually did anything like
what he took credit for, I suspect that he's a good example of a 
continuing catalyst for spreading these types of stories. 

Last I heard, the hospital had gotten so shorthanded, X
was back at work doing PC repair. My money says that by Christmas
he'll have claimed credit for the Ronco Pocket Fisherman and
the UN's "secret black helicopters." 

Khu
Wright-Patterson AFB

-------------------------
-=The Crypt Newsletter welcomes thoughtful mail from readers at
crypt@sun.soci.niu.edu. Published letters may be edited for length
and clarity or anonymized for reasons even an idiot should be able
to figure out.=-



ACKNOWLEDGMENTS
===============
Rob Rosenberger, editor/webmaster of Virus Myths.  Visit --
http://www.kumite.com/myths for a savage read. Alan Dunkin of
On-Line Game Review for useful press releases.


-------------------------------------------------------------
George Smith, Ph.D., edits the Crypt Newsletter from Pasadena,
CA.

copyright 1998 Crypt Newsletter. All rights reserved.
