

*******************************************************************************
Details of the most recent board bust in Canada......

THE SCABBARD BBS 
Sysop:  Xiphoid [PAW/CTA]
(604) ITS-GONE

Written by:  Xiphoid on April 2, 1994.

********************************************************************************

	On April 30, at 1:15pm, my father calls me and says that the RCMP has
called him at work concerning the bulletin board system that I run.  The guy 
says he's from the commercial crime unit.  They asked him how old I was (22) 
and then said that they were required to talk to me directly because I am not 
a minor.  Wasting no time after I get off the phone with my Dad, I delete and
format my hard drive with all the board files on it.  Ten minutes later I 
gathered up enough courage to call Bob Campbell (the fucking cop) and talk
to him.  First thing he says is that I'm running a BBS with copywrited files
on it.  I reply that 'I could have, but I don't know as I have been rather
busy at work and have not monitored the files closely'.  He seems to take this
excuse rather well at first.  The conversation goes on for 5 more minutes 
while he trys to intimidate me over the phone by reading out the maximum
penalties for violating the copywrite act ($500,000) and saying that the SPA
and like organizations in Canada will sue up to a maximum of $200,000 in 
a civil action.  He then says that I have to come down to the RCMP office so
that I can meet with him and so that 'we can get to know each other better'.
What a fucker....anyways...I agree to meet with him the next day at 4:00pm.

April 31, 1994

	I head down to the cop shop to meet with this asshole.  First thing
he does is hand me a copy of the related sections of the Canadian Copywrite
Act and the Criminal Code of Canada.  He says, "you might want to read that
over after our conversation here".  He then proceeds to open a file with my
name plastered on the top and side.  I might add that the fucking file was
full of shit and probably was at least almost an inch thick!!  He doesn't
show me what is in it, but I'm sitting across the table and I notice that
he's got a fucking file list printed out.  

	First he launches into talking about a file I had online called
ANACOOK.ZIP.  If you aren't familiar with it, it's the Anarchist's Cookbook,
which details how to make everything from blue boxes to napalm to bombs, to
how to hack UNIX systems.  He raves about this and asks me if I've ever read
that file, and I reply that I never unzipped it and read it.  He claims that
not only is this file is immoral because of the contents, it is also a crime
to distribute and I could be charged for aiding criminal activities by doing
so.  He raves about this for a very long time.  I say I never looked at it, 
but fully admit that I knew I had it online...as I didn't think I'd ever get
into much shit for having that.  I had always figured that the big stuff
like high priced money software would be what they hooked onto.  

	Anyways, he then rifles through the list of files I had online, 
randomly rhyming off names like MS-DOS, MS Word for Windows 6.0, Norton 
Desktop etc etc etc.......He doesn't name ANY games whatsoever.  He then
says, "you've got some pretty expensive software online."  I wasn't prepared 
to see a list of my files and it kind of freaked me out, and so I just nod
and grunt.  I stick to my story of "I haven't had the time to monitor what's
online."  He sits there and lectures me on how by distributing copywrited 
software I'm affecting the public market for software.  

	He then trys to intimidate me again by telling me that the public 
won't tolerate this anymore.  He explains that 50% of his day is following 
up on complaints from other people about copywrite fraud.  The other half is
more 'undercover' work.  He explains the warning system and how his superiors
didn't want to give me a second chance because of my age.  He rants and raves
about how I should know better and that they give warnings to kids just to 
scare the shit out of them and get them to stop.  He also goes into the
extent that the RCMP uses computers of their own to do their own busts.  He
says that they now have a full-time workforce of 170 for computer fraud etc.
That's a lot of manpower, and he goes into some detail about what kind of 
systems they use.  Without too much detail, it was rather impressive.  He
then said the most disturbing thing yet:  "It doesn't matter what security
blocks you have setup to get onto your system, we can gain access."  I 
address my thoughts on this in the next paragraph.  The last thing he says
to me is, "Get that Anarchist's Cookbook offline!"  Man, you would think that
having that is more illegal than $10,000 of pirated software online.  He also
said that they will be monitoring my board from now on, and if they find any
evidence of copywrited software online, then I'm pretty much fucked.  That's 
not how he said it, but he said he'd clean out my whole house and I'd be 
fucked.  I wouldn't see it for 2 years, because it's evidence.  Nice thing.

	I don't know how they obtained a copy of my file list, as I didn't
have a file list generator online, so it had to have been a screen capture.
So, there are five things that they could have done to obtained this type of
information from my board:

	1)  I had a user that captured it and phoned them and complained.
	2)  One of my user's parents thought that what I had online was 
	not morally correct, and thus sent in the capture themselves.
	3)  The RCMP gained access to my BBS through a faked new user
	application.
	4)  The RCMP hacked someone's password by tapping my phone line and
	capturing the first characters sent by the remote modem.  (the guy's
	alias and password)

Well let me tell you right now that 1,2 and 3 are totally impossible with the
users on my BBS.  I had the most secure user list I've ever seen.  With only
42 users, 5 being LD callers that I was positive were legit, that leaves 37
local callers.  Of those 37 callers, I had met 25 of them personally on more
than one occaison.  The remaining 12 were personal recommendations from the
25 that I've met personally.  Therefore, I have to believe option 4.  Since
I believe this to be true, once the RCMP gains your phone number you are 
pretty much fucked.  This only gives credit to the cop's testimony that they
can gain access regardless of what security you have online.  

	I have another theory.  The cop said that the software companies 
cooperate fully with them, and even send them original copies of software.  
A simple letter to the writers of PCBoard stating that they are 
investigating a BBS that they suspect has a cracked copy of PCBoard running 
and more pir8 files are online, and a request that they write a program that 
will get access to the board.  I have no doubt in my mind whatsoever that the 
writers for PCB wouldn't cooperate and write it.  

	Either way, there is a serious security problem in the pir8 world now.  
As the phoneco's are getting more sofisticated with their electronic telephone
monitoring technology and the cops are gaining more experience in hacking and
busting boards, the days of pirating without serious risk of being busted are
over.  I can't offer any more detail about how to tighten security, accept
that you shouldn't make the number for your BBS public.  This means:

	DON'T ADVERTISE YOUR BBS - make it for your close friends only.
	If you advertise the number, and the RCMP gets a hold of it, you 
	might as well kiss your board goodbye.

It is with much regret that I leave the scene, but the risks are too high.
If I were to try to get a job that requires a security clearance, and the 
potential employer did a police check, I'd be on record for this 
investigation.  This fucks me over right away.  Sure I wasn't charged, but
if you are an employer and have 5 applicants for a job, and 1 of them has
a record of an investigation, it's an easy screening tool.  I don't think
this will effect me in the near future, but later down the road, I might
be fucked over a job because of it.  

	My personal greets to the 'industry leaders' of the pir8ing scene in
Canada that I know really well:  

	 Newton P. Forgery
	 Raider
	 Boba Fet
	 Martial Artist
	 All of Pirates Analyze Warez Magazine
	 Lester
	 Spelljammer
	 Baldrick
	 Gollumm
	 All of CTA
	 And anyone I ever talked to on IRC....too many to list off.
	 Sorry if I forgot anyone......my mind is still with the cops :)

I'll still hang around #warez everyonce and a while, so if you ever want to 
get a hold of me, I'll be there or somewhere cool....not like #warez34 :) 
If you have no idea what I'm talking about, ignore this - you're too lame
to be reading this anyways.

My closing words:

	PIRATE AS MUCH AS POSSIBLE, BUT BE SECURITY CONCIOUS!  THE COPS 
	ARE EVERY-FUCKING-WHERE.  


				Xiphoid -=PAW/CTA=-