From editor@telecom-digest.org Fri Oct 15 22:28:00 2004 Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.11.6p3/8.11.6) id i9G2S0r24867; Fri, 15 Oct 2004 22:28:00 -0400 (EDT) Date: Fri, 15 Oct 2004 22:28:00 -0400 (EDT) From: editor@telecom-digest.org Message-Id: <200410160228.i9G2S0r24867@massis.lcs.mit.edu> X-Authentication-Warning: massis.lcs.mit.edu: ptownson set sender to editor@telecom-digest.org using -f To: ptownson Approved: patsnewlist Subject: TELECOM Digest V23 #491 TELECOM Digest Fri, 15 Oct 2004 22:28:00 EDT Volume 23 : Issue 491 Inside This Issue: Editor: Patrick A. Townson Activating New Phone Service-What Does the RBOC Actually Do? (MacroMan) Fiber-Optic Illusion (Michael A. Desmon) Re: Linux 9.0 and Older Toshiba Laptop (Steve Schefter) Re: Can't Move 800 Number to Vonage (Fred Atkinson) Re: Can't Move 800 Number to Vonage (Rick Merrill) Re: Can't Move 800 Number to Vonage (Mark Roberts) Re: Last, Very Bitter, Sad Laugh! A Nice Place to Work! (Bob Goudreau) Re: Law Hits Home (G.L. Fowler) When Internet Dreams Turn to Crime (Lisa Minter) All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer; other stuff of interest. ---------------------------------------------------------------------- From: wyman_99@yahoo.com (MacroMan) Subject: Activating New Phone Service - What Does the RBOC Actually Do? Date: 15 Oct 2004 14:05:42 -0700 Organization: http://groups.google.com I have found myself in the unfortunate circumstance of having moved into a new (for me) house three weeks ago and still being without phone service. When I called BellSouth a week before we moved, I was told that they could not activate the new phone for four weeks. Now I find out I'm going to have to wait at least seven weeks for the phone to be activated. The hurricanes are the ostensible reason for this delay. This raises the question of what exactly BellSouth has to do to turn on phone service. I would have thought that it was nothing more than making a few entries into a central office computer -- a process which could probably be done by the same person who took my order. Why would it involve somebody with the same skill set as they employ to rebuild their hurricane-damaged infrastructure? BellSouth has already lost me as a DSL customer -- they said that I would have to wait until Jan 6th to get DSL turned on -- whereas Adelphia took only two weeks. I am now signing up for Vonage and will cancel the BellSouth voice service if Vonage proves acceptable. [TELECOM Digest Editor's Note: I am assuming there is no hurricane damage where *you* are located which could account for intrastructure problems in *your immediate area*? PAT] ------------------------------ Reply-To: From: Michael A. Desmon Subject: Fiber-Optic Illusion Date: Fri, 15 Oct 2004 13:55:41 -0400 From San Francisco Weekly: Why Tom Ammiano's plans to create a city-owned broadband network are a boondoggle-in-the-making http://www.sfweekly.com/issues/2004-10-13/smith.html ------------------------------ Date: Fri, 15 Oct 2004 12:52:28 -0400 From: Steve Schefter Subject: Re: Linux 9.0 and Older Toshiba Laptop Hi Pat, > I've a Toshiba Satellite 220 CDS laptop here, from 1995-96. On booting > it, I am told it has 32,512 KB memory. The hard drive is 1.34 GB and > it runs at 123 megs. It has a single internal slot on the side which > can be used either for a floppy drive or a CD Rom. I have both of them. > It has a USB connection, places for a parallel port and a serial port. > It has two slots for PCMCIA cards. My question is, if I install Linux > 9.0 on this machine, will it work, and how well? I assume you mean something like Red Hat 9 or SuSE 9 (the versions of the distributions). Linux is only at 2.6.something. > I know it *barely* handles Win 98. It was originally an OEM Win 95 > machine. Thanks for your comments. I use a newer Toshiba Satellite with Linux and it runs well. The thing that may cause you some grief is the 32M. I've run Linux on as little as 64M, but not tried 32M. You will want to turn off the graphical desktop with that little memory (how are you with an old fashioned command line interface?). One thing to watch out for on Toshiba laptops: The PCMCIA interrupts that get assigned by the Linux kernel hang the machine at boot. I've had this problem with numerous versions of Linux (all based on the 2.6 kernel) and I've heard from others with other Toshiba models of the same problem. Install with no cards in the PCMCIA slots and then, after a post-install boot, edit the file /etc/pcmcia/config.opts and add the lines: exclude irq 2 exclude irq 5 exclude irq 6 You can then safely add PCMCIA cards after the next reboot. Regards, Steve [TELECOM Digest Editor's Note: What I meant to say was 'Mandrake Linux 9.2' from Cheap Bytes in Lodi, CA. I'll try your suggestion along with the others received. Being a little bit lazy, I would still like to get the 3-COM ethernet card working with (already installed and apparently otherwise okay) Win-98. It is a mystery to me why the card worked fine with Win 95 and **appears to be** working okay with Win 98 (computer toots, says card is present, and no yellow exclamations or red 'x' marks in the properties and the green LED is lighted) but no traffic actually moves through it. PAT] ------------------------------ From: Fred Atkinson Subject: Re: Can't Move 800 Number to Vonage Date: Fri, 15 Oct 2004 20:13:33 GMT Organization: Road Runner - Columbia To respond to that, Pat, That number has followed me from carrier to carrier for years. I believe I originally got it from Sprint years ago. Presently, Power Net Global is translating it to my Vonage number. But, doesn't it seem silly that when someone dials that number I (1) pay for the time to Power Net Global and (2) the clock on my Vonage minutes is ticking away for the same time. If Vonage was handling my 800 number, this wouldn't be true. Fred [TELECOM Digest Editor's Note: Exactly *what reason* did Vonage give for not being able/willing to move it? So you have a loyalty to that number instead of taking the Vonage $4.99 per month with a hundred minutes included? Judith Oppenheimer is our 800 expert here, maybe she can explain what's going on. PAT] ------------------------------ From: Rick Merrill Subject: Re: Can't Move 800 Number to Vonage Organization: Comcast Online Date: Fri, 15 Oct 2004 20:16:21 GMT Fred Atkinson wrote: > Greetings, > A couple of months back, I called Vonage and spoke to their number > portability group. I was a bit surprised at the result. > I have a personal 800 number translated to my home telephone number > (not through Vonage). I wanted to get it rerouted to Vonage and my > Vonage telephone. > Their portability group said that they could not do that. They would > gladly provide me with a toll-free number and tranlate it to my > telephone, but they would not take an existing personal toll-free > number and have it pointed to Vonage. > I tried to get them to explain the reason they won't do this (when > they will get an existing number pointed at them). But, I am still > very much in the dark about it. > Does anyone have any feedback about this? I thought that 800 numbers were assigned in blocks to various telcos. The reason could be technical (your number 'belongs' to another) or contractural (they agree not to 'port' each other's numbers). Here's more: Until last May, a business that wanted to move its 800 service to another phone company had to change 800 numbers when it changed carriers. Under the old system, carriers held exclusive rights to the first three digits after 800 in numbers they had assigned. The Federal Communications Commission ruled in 1988 that carriers had to route calls using all seven digits after the 800 prefix. The new system allows any phone company offering 800-number service to use any of the roughly 10 million 800-number combinations now available. No company has an exclusive right to any number, which enables businesses to take their 800 number from phone company to phone company." http://www.findarticles.com/p/articles/mi_m1154/is_n12_v81/ai_14752908 Nation's Business: Playing the new 800 numbers game: some companies may find lower prices and higher levels of service now that 800 phone numbers are portable -- opportunity to retain an 800 business number when changing telephone companies. "This new system depends on two very sophisticated technologies. One is a central database that stores the carrier assignment for each of the 2.5 million 10-digit 800 numbers now in use. The other component is a network protocol that, among other things, lets the computers of the phone company originating the 800 call search the central database and transfer the call to the proper recipient." [TELECOM Digest Editor's Note: See my earlier comments this issue: Judith Oppenheimer is the best person to address 800 number inquiries. PAT] ------------------------------ From: markrobt@comcast.net (Mark Roberts) Subject: Re: Can't Move 800 Number to Vonage Date: Fri, 15 Oct 2004 21:23:42 -0000 Organization: 1.94 meters Fred Atkinson had written: > Their portability group said that they could not do that. They would > gladly provide me with a toll-free number and tranlate it to my > telephone, but they would not take an existing personal toll-free > number and have it pointed to Vonage. > I tried to get them to explain the reason they won't do this (when > they will get an existing number pointed at them). But, I am still > am very much in the dark about it. > Does anyone have any feedback about this? Vonage can be surprisingly inflexible about certain things. When I had two phone numbers with them, I wanted to swap the fax line number and the main line number. They said they couldn't do that. Since the account is billed by an account number independent of the phone number, I don't see what the problem would have been. Relevant to your question, these weren't 800 numbers but numbers that Vonage already "owned". (Actually in Northern California, they're blocks from Focal). I couldn't see what the problem was. Just transfer the features from line 1 to line 2 and recategorize the numbers. But, the answer continued to be "no". In any event, I dropped the fax number a couple of months later due to low usage. But it still rankles me slightly because I couldn't persuade Vonage to do something that a couple of RBOCs have previously done for me with nooooo problem. Mark Roberts|"Entire media networks, such as Fox News and Sinclair Oakland, CA | Broadcasting, prop up Bush in a way that would make NO HTML MAIL| their fellow propagandists in North Korea and Cuba proud." -- Markos Moulitsas, Guardian Unlimited, 2004-10-12 ------------------------------ Reply-To: BobGoudreau@nc.rr.com From: BobGoudreau@nc.rr.com Subject: Re: Last, Very Bitter, Sad Laugh! A Nice Place to Work! Date: Fri, 15 Oct 2004 16:08:16 -0400 hancock4@bbs=2Ecpcn=2Ecom (Lisa Hancock) wrote: > For some reason Amtrak, which takes up a miniscule [sic] part of the > Federal budget (1% of DOT, let alone the whole fed), seems to be the > target of deficit haters and the "reform govt" movements. Yet, > they ignore abuses like the aviation industry. For some reason, Amtrak zealots refuse to recognize how disproportiately large are the federal subsides lavished on Amtrak, given its tiny role in national transportation. For example, Amtrak averaged less than 460 million passenger miles per month last year, but nevertheless received a federal grant of $760 million for fiscal 2004 (see http://www.narprail.org/amstat.htm ) In contrast, airlines provided almost 100 times as many passenger miles per month in 2002 (the latest year for which statistics are available in http://www.bts.gov/publications/transportation_indicators/december_2002/entire.pdf). Road traffic accounted for at least 500 times as many (the actual number is 246 billion VEHICLE-miles traveled per month, so PASSENGER-miles traveled are actually higher still). So, to provide Amtrak-like subsidies to air and road travel (ie a bit under 14 cents per passenger-mile traveled), we would first have to abolish all the dedicated taxes and fees that current users of these ystems pay in order to fund the infrastructure they use (fuel taxes, airport fees, "Sept 11" ticket surcharges, etc). Then we would make the general public foot the bill, to the tune of $73 billion per year for ir travel and $407 billion per year for road travel. With numbers like those, you can see why some of us are less than enthusiastic about Lisa's "Amtrak in the sky" suggestion that the federal government nationalize bankrupt airlines. Amtrak ate less than a billion dollars of last year's federal budget, but an "AmSky" consuming $73 billion would make Amtrak look like a piker. Bob Goudreau Cary, NC ------------------------------ From: GL Fowler Subject: Re: Law Hits Home Date: Fri, 15 Oct 2004 20:19:16 GMT Organization: EarthLink Inc. -- http://www.EarthLink.net On Fri, 15 Oct 2004 01:10:57 GMT, William Warren wrote: > On Wed, 13 Oct 2004 14:46:10 GMT, GL Fowler wrote: >> If I send a postcard to my Aunt in Texas should I have an expectation >> that the postman won't read the card? > No more or less than if you put a digital version of the card on your > website and disclosed the URL only to your Aunt: both are intended to > be viewed by uninterested parties and their content will usually > reflect that. > Mail, of course, is different than a website: even if (as used to be > possible in the U.S.) you don't seal the envelope so as to get a lower > postal rate, it's very difficult for your cousins to read it unless > your Aunt shows it to them, and it's very difficult for anyone not > involved in the transfer to read it enroute. We trust the technicians > at our ISPs not to read our emails in the same way we trust the Postal > Carrier not to open our letters, even though both can violate that > trust easily and without leaving a trace. > Short of having a signet ring made and buying some sealing wax, > there's little that we can do to prevent unwanted examination of snail > mail: it's even appropriate sometimes, since it's necessary to prevent > the mails being used to send improper material. > In like manner, it's necessary for an ISP to look at emails when > they've been misrouted, or when they might contain a virus, or simply > to resolve formatting problems when converting between two code sets > or different languages. In both cases, we trust that the professionals > we've hired will respect our privacy. Since some ISPs don't subscribe > to this "social contract", I use encryption where appropriate. > FWIW. YMMV. >William As you will. Awfully long winded just to say, No. And even if I seal it in an envelope I can not be absolutely certain. If I put confidential information on a post card there will be the reasonable expectation that it will be compromised. If I do the same with a clear-text email so should I expect. End of story. "The best proof of intelligent life in space is that it hasn't come here." - Sir Arthur C. Clarke ------------------------------ Date: Fri, 15 Oct 2004 08:07:28 EDT From: Lisa Minter Subject: Internet Dreams Turn to Crime By Ariana Eunjung Cha of Washington Post CHELYABINSK, Russia -- Vasiliy Gorshkov did not set out to be a thief. Relatives and friends say he had wanted to build a dot-com like those he had read about on the other side of the world -- the Amazon.coms, eBays and Yahoos that were becoming household names even in this industrial expanse of dilapidated tenements and factories. But in the spring of 2000, just three months after he sank his inheritance into a quixotic start-up to build Web sites for corporations, Gorshkov was getting squeezed. Few merchants here wanted to hear about the Internet, much less invest in it. What's worse, Gorshkov told several associates, local crime bosses had started to demand that he hand over a percentage of his earnings to avoid smashed windows, theft of merchandise and broken bones. Gorshkov, then 24, didn't have the cash. Business associates recalled that he didn't even have enough money to keep paying his four programmers. But one of those programmers, 19-year-old Alexey Ivanov, said he knew how to raise the protection money, according to lawyers familiar with the conversation. Goshkov could offer a protection service of his own. To online businesses. Six thousand miles away in the United States. Soon, U.S. prosecutors said, Gorshkov and Ivanov were scouring the Internet looking for security vulnerabilities in the computer networks of American corporations. When they found a way in, they would steal credit card numbers or other valuable information. They would then contact the site's operator and offer to "fix" the breach and return the stolen data -- for a price. Within a few months, banking, e-commerce and Internet service providers across the country, including Central National Bank of Waco, Tex.; Nara Bank NA of Los Angeles; and Internet service provider Speakeasy Inc. of Seattle, became victims. The hackers also used online payment service PayPal Inc. to turn pilfered credit card numbers into cash by setting up phony accounts.The men would eventually expose American businesses to perhaps tens of millions of dollars in losses, the prosecutors said. Gorshkov and Ivanov are two of the hundreds, perhaps thousands, of virtually untraceable hackers who are overwhelming cyberspace. Hackers have stolen customer databases, company blueprints and credit card numbers. They have unleashed viruses, crashed computer systems, placed phony orders for merchandise, rerouted e-mail communications and committed various other mischief. Over the past few years, the U.S. Justice Department, the FBI, the Secret Service and other government agencies have accelerated efforts to counter cybercrime. Last week, Attorney General John D. Ashcroft said one joint operation resulted in the arrest of more than 130 people suspected of using the Internet to defraud 89,000 consumers and businesses of $176 million since the beginning of the year. Businesses are expected to spend $25 billion this year to fend off online intruders, according to market researcher IDC Corp. About 65 percent of all online attacks originate overseas. "The Internet makes moving money across continents faster, less of a hassle -- and easier to hide," said Louise I. Shelley, director of the Transnational Crime and Corruption Center at American University. International law is often ill-suited to deal with the problem, with conf licting views on what constitutes cybercrime, how -- or if -- perpetrators should be punished and how national borders should be applied to a medium t hat is essentially borderless. The FBI can't get us! "We don't think about the FBI at all," Gorshkov told a potential business partner. "Because they can't get us in Russia." Gorshkov was wrong. The events that led to his and Ivanov's arrest open a window on the elusive and lucrative world of computer hacking -- where many perpetrators no longer fool with computers just because they are bored or want to make political statements. They're in it for the money. The events were reconstructed from interviews with relatives, friends, co-workers, classmates and acquaintances of the hackers. Key details were corroborated by court records, prosecutors, defense lawyers and government inte lligence officials. Gorshkov answered several questions in a letter; Ivanov declined to be interviewed. Their case is unusual only because they were caught. Most online thieves, computer security investigators and prosecutors said, get away with it. Chelyabinsk might be the most polluted place on earth, because of an explosion in a nuclear-bomb-making factory in the 1950s that dumped radiation through its Ural Mountain river valley but was kept secret for decades. Monuments to Stalin's industrial push dominate the city of 1.2 million. During the Cold War, many residents lived well, working in state-of-the-art military installations that were so secret they were known only by their numbers. But since the collapse of the Soviet Union, the region has struggled and many residents have had trouble finding work comparable to what once was available. Gorshkov and Ivanov grew up here, though they didn't know each other until they were adults. Gorshkov is described as outgoing, with a gift for talking people into anything. He graduated from the area's top school, Southern Ural State University, with a mechanical engineering degree. Unlike most of his urbanite peers, who favored clothes in black and gray, Gorshkov -- a thin, muscular guy with a chiseled face -- would occasionally shock friends by showing up at gatherings wearing orange and purple shirts. Ivanov's life was more troubled. He left home at 16 and lived in a small fourth-floor apartment attached to the local prison. He is described as a computer whiz, having had the opportunity when he was very young to play with machines in the office of his mother, who is a history teacher. Ivanov briefly studied computers at Southern Ural State University, but he was kicked out after twice failing freshman exams, according to school officials. Children in Chelyabinsk play on an old tank. Since the collapse of the Soviet Union, many residents have had trouble finding work compatible to what once was available there. Gorshkov's company and its Web site, known as tech.net.ru, were born in February 2000 when he quit his auto-parts job and struck out on his own, plunking down $40 for the first month's rent for Room No. 502 at the Chelyabinsk Textile Factory. It was a shoestring operation. Desks were built from scrap materials. The chairs were hand-me-downs from a Coca-Cola marketing campaign. But his programmers were first-class. The first few months he was in business, Gorshkov negotiated contracts to build Web sites for two companies. But he did the work at a severely discounted price and it wasn't long before Gorshkov's money began to run out and Ivanov introduced him to a group called the Expert Group of Protection Against Hackers. The group was made up of several dozen loosely affiliated hackers at any given time, 12 to 15 in Chelyabinsk and others in Russian cities including Moscow and St. Petersburg, though it is unclear how many people in all were involved. There were lots of good programmers scattered throughout the country, but very few good jobs for them. In Chelyabinsk, a programmer might earn $200 to $300 a month, but the jobs available were anything but the cutting-edge perches for programmers in the biotech, telecom and Internet companies in other countries. So some of them looked for other ways to put their skills to work. Gorshkov set up his Internet company in a textile factory. From there, he and his employees eventually hacked into U.S. Web sites. The hackers typically worked in groups of twos and threes, according to U.S. law enforcement officials. Sometimes members knew each other only by their online aliases. Some did not know each other at all. Each group or cell operated somewhat independently -- using its own methods and determining its own targets for online hacking -- but paid 30 percent of what it collected to a krisha, or "protector" whom no one was willing to identify. "I don't know and I don't want to know," said one person involved with the group. Gorshkov suddenly found himself in a profitable business. He, Ivanov and another programmer, Michael -- a 19-year-old Siberian and college classmate of Ivanov's -- were one cell. Each had a distinct role, Michael said. Gorshkov was the coordinator, Ivanov the hacker. Michael poked around the exposed computer systems, hunting for data that might be useful. The tech.net.ru computers were meticulously organized to make the crimes as efficient as possible, investigators said. Each victim's information was kept in its own file; the hacking programs were placed in a folder labeled "badstuff." At first, the target companies were chosen pretty much at random, said Michael, who is known online as Hermit and spoke on the condition that his real name not be used. They could be any e-commerce or banking companies that sounded like they had money. Ivanov created a program that would search on Google for keywords such as "bank" or "casino" or "electronics" to find targets. They would then run potential victims through a program that scanned the companies' networks for known vulnerabilities. The group had only one rule about choosing victims: Stay away from Russian businesses. You may go to jail and that's the best case," Michael said. "More likely, you'll be killed." The main way they broke into corporate Web sites was through a well-known vulnerability in the widely used Microsoft NT server software. Often, they only had to type in the default username and default password created by the manufacturer and then, just like that, they were inside the network, said security consultant Kevin Mandia, a cybercrime consultant who helped U.S. law enforcement agencies investigate Gorshkov and Ivanov. Their attacks were brazen. The hackers rarely bothered to cover their tracks. Mandia described their technique as akin to "storming a bank with a machine gun." "You could take five months to plan a super-secret operation, but if your chances of getting caught were minimal why bother?" Mandia said. The first contact between the hackers and their victims would typically be an e-mail sent to the company's chief executive or systems administrator. It was a form letter that Ivanov had shown to a lawyer to make sure it was legal under Russian law. It was in rough but polite English. "Hello Mr.," it began. "We are a security consulting group specialized in banking and credit card services, big online shops, insurance companies. Due to our job we have to work on the territory that can't be controlled by U.S. authorities. Our government and laws are loyal to that kind of computer activities." It then listed the number and a description of insecure computers on the company network and offered their security services. The group typically signed off with an ominous warning: "YOUR SITE IS TOTALLY INSECURE!!!. It's not just bluff. Any user on the net can get ALL the personal information concerning any account." As later detailed in court documents, Ivanov would follow up with another e-mail, an online chat request or a phone call, and say he used stolen calling card numbers or had commandeered satellite voice systems, talking leisurely with the cell's victims. Ivanov was so bold he sometimes sent his resume -- and even photos -- to prove that he was a serious security consultant. The documents listed his home phone number and detailed his previous experience, noting that he was an expert in a half-dozen computer languages and that he had a passport but needed "visa support." The hackers asked for as little as a few hundred dollars from some start-ups and several hundred thousand dollars from corporations that sounded rich. In an interview, Michael claimed that his group made as much as $500,000 during one nine-month period, much of it wired to accounts in the Russian Federation, Romania and Cyprus. U.S. authorities have only been able to account for about $10,000 of the extortion fees paid to the hackers. It's unclear how many of the tens of thousands of stolen credit card numbers Gorshkov and Ivanov used. The "Expert Group" traded files of credit card numbers with each other and with other associates and sold the information, prosecutors say, making it a difficult if not impossible task to assess who used them. A U.S. spot-check found that nearly 1,300 of the credit card numbers on tech.net.ru were used for fraudulent purchases in Canada, France, Guatemala, Israel and many other countries. Reaction to the hackers varied widely among their victims. Some cursed them and others befriended them. Speakeasy, a company that started as an Internet cafe and then expanded to offer network services to homes and businesses, was among the most troublesome. The company refused to pay up even after Ivanov threatened, deleted files and posted customer information on a Web site. In online chat, Max Chandler, a systems administrator for Speakeasy, was tough, telling Ivanov that hacking is illegal, according to court documents. Ivanov was unmoved and typed in this response: "If you want put me to jail you never can do it because laws in my country is not work and my country don't have strong computer crime laws." Later on in the conversation, however, Ivanov sounded almost child-like as he asked Chandler for career advice. Ivanov: I need job only because I need money. Okay? Ivanov: What name of companies where you have friends? Chandler: Well, Microsoft of course Amazon Ivanov: Hey hey. Cool company. I steal a lot of CD/DVD/books from Amazon. Max, is it possible to get job in Microsoft or Amazon? Chandler: Sure. They're hiring all the time. Ivanov: I mean for me? Chandler: Well, you need to send them a resume but I can put a word for you in certain departments. Ivanov: Okay. Please do it. Some companies treated the extortion demands as regular business transactins. When Brian Miller, chief executive of Cambridge, Mass.-based Internet service provider Channel 1 Communications, heard from Ivanov about a breach in its computer systems, he concluded that it would be better to have Ivanov on his team than to fight with him. He wired $250 to an account that Ivanov provided and thanked him for his help. "I had a lot of sympathy for him," Miller said. "He seemed like a bright kid who just wanted to make some money and get out of his country. I thought maybe he would move on to better things." Gorshkov, meanwhile, still believed he could get his legitimate business off the ground. He paid his programmers $150 a month to pursue projects that he hoped would change the way Russians use the Internet in the same way the Silicon Valley dot-coms were transforming American culture. One employee was working on a more robust e-mail filtering system. Another person was trying to set up an Internet dating service. Yet another person was programming an online auction site. Two of Gorshkov's programmers, Maxim Semenov and Denis Bukarov, who U.S. authorities say were not involved in the extortion scheme, said they loved working for the company because of its ambition. Their boss encouraged them to spend part of their time tinkering with new technologies. "It's a problem to find an interesting job like the one I had" at tech.net.ru, Bukarov said. Michael said the hackers felt invincible, and in some ways they were. He described nights when none of the other programmers were around and the three of them would sit drinking vodka and singing songs. Ivanov loved tunes from old Russian movies and would begin to belt them out, off key. Gorshkov and Michael would join in. The more happy and playful their mood, he said, the more generous they would be to their would-be victims. Take the U.S.-based network administrator for a Singapore Internet service provider. Michael said he threatened to crash her system unless she paid up but she sounded so nice online that they felt bad about the whole thing. He told her that if she called up on the phone and sang "Happy Birthday" they would leave her alone. She did and he kept his promise to drop the extortion demand. No one would say what the group did with all its money. To friends and relatives, the changes in the men's lifestyles were subtle. They apparently didn't splurge on lavish dinners or buy expensive clothes. Ivanov wore second hand jeans and old scruffy boots, said his grandmother, Raisa Gorshkova, age 73. "He even smoked very cheap brand of cigarettes. Nobody smokes these anymore." Ivanov, though, bought a used car and a $1,000 cell phone. Gorshkov got an apartment for himself and his fiancee, Masha Milegova, who he met on a trolley on the way home one night and who was pregnant with their first child. The hackers also used the credit card numbers they had purloined from companies that refused to pay their fee. Once, they ordered 15 DVD players and had them delivered to a mailbox across the border in Kazakhstan, less than an hour from their homes. They also ordered music CDs, movies, laptops, cell and satellite phones and other electronics. They also abused the PayPal system to turn the stolen credit card numbers into cash by setting themselves up as seller and buyer in online auctions. (PayPal officials said they have since taken steps to reduce the chances that perpetrators of that type of scam will succeed.) Later, in November 2000, Gorshkov threw a housewarming party for himself. One of the half-dozen or so close friends in attendance, a medical student named Yvgenia Peleskova, recalled that they drank beer and watched "Gone in 60 Seconds," a movie about ingenious car thieves who could break any lock, get past any alarm and never get caught. Peleskova remembered that it was a "big hit" with the people in the room. But while Gorshkov and Ivanov were laughing about their good fortune, they had become the target of a manhunt originating in America. Some of the companies the hackers thought were cooperating with them were actually working for the FBI. A Tempting Offer for the Russian Guys Jon Morgenstern's nightmare began with an e-mail. It arrived in his computer's mailbox on July 15, 2000, and its basic message was this: Your security has been compromised. We would like to help you. Morgenstern, president of E-Money Inc., a Washington-based provider of technology for online payment transactions, immediately suspected the message's underlying meaning. It was a threat. His fears were confirmed the next day when a youthful-sounding man called and asked Morgenstern if he had received the e-mail. The man identified himself as "Alex," said he was from Russia and part of something called the "Expert Group of Protection Against Hackers." He said he had gotten access to the firm's customer database , including credit card information, and would be happy to ensure that further intrusions were not possible -- as long as E-Money would pay him $500,000 to do so. As proof that E-Money's computer had been broken in to, he asked Morgenstern to go to one of his servers and look for a system file containing some digital graffiti. Morgenstern had no trouble finding the file. It said: "Alex was here." So began a series of transatlantic telephone, e-mail and instant message exchanges about how to resolve the situation. In the ensuing back-and-forth between Morgenstern and his attackers, a kind of easy rapport developed that would ultimately lead to the arrest of two members of the "Expert Group" and allow U.S. officials to gain new insight into an overseas hacking networks that to this day continues to terrorize American businesses. Hacking has reached crisis levels in the past few years -- the average U.S. company is attacked 30 times a week, according to the online security firm Symantec Corp. Most are not serious; they are efforts to scan computer networks for vulnerabilities. Still, a significant number -- about 15 percent -- are actual attempted or successful intrusions. Morgenstern, meanwhile, was conflicted. He didn't want to pay any extortion fee but he was determined not to let the hackers ruin his company's reputation either. He was worried that news of even a minor break-in might spook customers. After all, E-Money was built on trust. Morgenstern hired an expensive security consultant from Silicon Valley to respond to the hackers and ordered his systems administrators to do a complete analysis of the E-Money systems for other vulnerabilities, tasks that he estimates ended up costing his company more than $1 million in fees, lost business and new computer equipment. Meanwhile, Morgenstern tried to negotiate with the hackers. The $500,000 demand to "assist in repairing the system" became $250,000, then $150,000, and then $75,000. But when he still wouldn't pay, Morgenstern said, the hackers launched a new type of attack, bombing the company's network with so much bogus traffic that it caused his network to slow so much that legitimate transactions could not get processed. Morgenstern then called the FBI. To the agency, it was a familiar story. The FBI for many months had been tracking organized hacker groups in Russia, the Ukraine and other countries who had been trying to extort money from operators of Web sites. In particular, references to the "Expert Group" kept coming up. "The number of victims and losses involved made us take notice," remembered Charlie Mandigo, an FBI agent who was one of the supervisors of the investigation of the extortion cases. By the next year, the problem would become severe enough that the FBI would issue an unusual alert about the spree, which they said netted more than 1 million credit card numbers. The agency pleaded with firms to better secure their systems. The FBI's Don Cavender, who worked on the cases, said the breadth of the attacks showed the need for more trained cybercrime investigators. In part as a response to these case, the FBI recently doubled its staffing to 700 agents, supplementing the 200 trained agents the Secret Service employs. The local field office of the FBI sent two agents to help Morgenstern. They came by E-Money's offices and brought equipment so that Morgenstern could record all his conversations with Alex and a friend who called himself Victor, or Vladimir. Over several weeks, the FBI agents came by and sat next to Morgenstern at his Dupont Circle headquarters and his Gaithersburg home, listening in on his negotiations, their vigil fortified by one Diet Pepsi after another. They advised him to keep notes, drag out the negotiations and gather as much information as possible about the guys he was dealing with. Morgenstern said he spoke to them at least four times a week, or often more. It was always Alex or Victor who initiated the conversation, claiming to be dialing in from a satellite phone they had commandeered. The first few conversations followed this formula: Alex would begin by of fering to lower the price for "protection" from hacking. Each time Morgenstern would make up different excuses about why he couldn't pay. "My board is made up of very strict guys and they want to meet you and put you on a long-term retainer," Morgenstern told them. (With only 15 employees, E-Money did not, in fact, have a board.) "We need you in the United States. Or how about a more neutral place -- Finland? Denmark?" Morgenstern asked. (He was hoping officials in those countries would be more cooperative about letting U.S. authorities arrest the hackers.) But as the days went by, the tenor of the conversations changed. The men went from sounding arrogant and angry to gradually becoming more chatty. Sometimes the hackers would call Morgenstern at home. Morgenstern said his young son became so used to the odd-hours phone calls that he would often pick up and shout "Dad, it's Alex on the phone again!" Morgenstern told them about life in the United States and they in turn told him about life in Russia. Alex said he was fresh out of school and had had trouble finding a job and had little money for food or clothes. Victor said he was older, married with a child. Their personalities were evident in their choice of e-mail addresses: Alex was "megapunk" while Victor used a more generic name, "accessd. " Alex seemed okay with his situation, once saying that he could "live like a king here" on the money he made from American companies. But Victor was more uneasy. "You don't understand how hard I work. I work 72 hours at a time and I have all my programmers [to care for]. They are sleeping here and then we work more and more ... Jon, you think I like to do this for a living?" Morgenstern recalled Victor saying. Alex and Victor described how they were forced by men with "leather jackets" and "big guns" to work for a crime group and that he was supposed to get 50 cents per credit card number. The problem, they said, was that they often didn't get paid. Then one day Victor said something that threw Morgenstern off completely: He told him to forget about the extortion fee. He simply asked for a visa and employment in the United States. "Please get job from America," Morgenstern remembered Victor telling him. "John, I will fix up your system and you will never get anyone attack you again. I need to bring my wife and little child." Victor confirmed his intentions in a follow-up e-mail a few days later, on Sept. 11. "I have made a decision to come and visit you in USA whenever will happen to me. I am [expletive] tired of hiding. I will take a risc [sic]. I think I can trust you ... I want to get a job to forget about my criminal past ... I can departure next week." Morgenstern, who is a lawyer, empathized with their situation. He offered to serve as the men's representative and tried to broker an offer of immunity from the FBI if the two were to come to the United States and find honest work. He put them in touch with an agent who said he would talk to them about the possibility. The attacks abruptly stopped and Morgenstern never heard from the men again. By the summer of 2000, about the time Morgenstern's systems had been hacked, the United States had come to view the "Expert Group" as a major threat to the country's financial networks. People identifying themselves as members of the group had claimed responsibility for some of attacks on some of the country's most critical companies -- Western Union, PayPal and a series of regional banks. Investigators worried that perhaps the extortion demands represented only part of what the group was trying to accomplish. They feared the hackers had control of other computer networks that no one knew about and that they were attempting to creating a "credit card production system" that they could tap at any time. The attacks seemed to be coordinated by someone who knew more about money laundering than the average hacker, someone who could turn the credit card numbers in to goods and then sell the goods to generate cash. "One of the more disturbing trends we were beginning to see was an increased level of cooperation between the Russian hacker community and traditional organized crime," said Shawn J. Chen, a U.S. attorney in Connecticut who worked on the case. More than a dozen U.S. attorneys and FBI agents from Connecticut, Washington, California and New Jersey convened a series of brainstorming conferences about how to stop them. For months the law enforcement group had been pursuing conventional methods of trying to capture the Russian hackers. They suspected at least some of the hacks were being conducted by someone named Alexey Ivanov. He was so bold that he had been sending his resume and picture around to companies he was trying to extort. While authorities were investigating an incident at CTS Network Services in Seattle, which had "hired" Ivanov as a consultant, they found 38,000 partial credit card numbers from E-Money databases on one of the hacker's computer accounts. The Justice Department sent a letter through diplomatic channels asking that Ivanov be detained and questioned. There was no response. They sent a follow-up inquiry. Again, no response. To catch Ivanov, U.S. authorities couldn't very well go to Russia and grab him so they had to figure out a way to get him here, recalled Stephen Schroeder, one of the main U.S. attorneys on the case. "We do not have an extradition treaty with Russia so unless they were found outside of Russia our ability to deal with them would be limited," said Schroeder, who recently retired. The United States has taken the lead in recent years on trying to get coun= tries to cooperate in cybercrime investigations. It came to an agreement with other G-8 nations, which represent the governments of the world's biggest industrialized countries, to create a way for them to more easily share information and to make Internet service providers save data about break-ins. U.S. authorities have also sent attorneys and agents to travel around the world to train foreign intelligence officials about how to investigate such crimes. They are urging other countries to draft laws making hacking illegal. But in the end it is up to individual nations to decide whether they want to help. Morgenstern's pleas for the Russian programmers to meet him to discuss a business contract was just one of the ways the FBI was working behind the scenes to try to get the hackers to a place where they could be arrested. His conversations with the hackers along with those of other victims yielded valuable clues about the group's personality and hierarchy, allowing the U.S. government to invent what must have been seemed to Ivanov as an opportunity he couldn't refuse. That turned out to be a potential job offer from a fake company called Invita Technologies. Invita claimed to be looking to partner with a security firm to provide consulting services to U.S. companies. Investigators sent a flattering letter to Ivanov, telling him they had heard good things about him and were considering him as a candidate. He would need to come to their offices in Seattle for an interview. From Ivanov's perspective, the offer must have seemed magical: Finally someone recognized his talents and was offering to bring him to America. Ivanov contacted Invita and agreed, asking if he also could bring along his "business partner," a Vasiliy Gorshkov whose name the FBI officials hadn't heard before. The company responded yes. It would pay all of Ivanov's expenses, but his associate Gorshkov would need to buy his own plane ticket. Gorshkov gladly shelled out the money. Sergey Gorshkov, Vasiliy's older brother by two years and now 29, remembers that Vasiliy couldn't stop smiling after he received the letter. "It seemed like a dream come true to him, to all of us," Sergey said in a recent interview. A "company" representative picked them up from the airport in November 2000, took them to what looked like an ordinary office building. There, the hackers were asked to prove their skills, that they knew what they were talking about. The guys got busy at their laptops right away. The FBI secretly videotaped the encounter. The grainy black-and-white video shows two young men in the heavy, puffy coats they brought with them from Chelyabinsk -- outerwear that looked out of place in the mild weather of Seattle. Company employees flit around them in the 8-by-20-foot room asking if they want drinks or anything else to make them comfortable. They muse about the price of cigarettes, the weather. Then the real conversation begins. Gorshkov takes charge, telling the officials that the two men are experienced hackers. He describes past exploits as Ivanov sits silently tapping away at the keyboard of his laptop and later at one of the "company's" computers, apparently analyzing various Web sites and their security vulnerabilities while playing snippets of pop music. An undercover FBI agent asks: "So how often have you guys hacked into computer systems and have you ever found or taken credit card numbers?" Gorshkov avoids the question. He chuckles, then says, "These things are better talked about in Russia." But as the conversation drags on for an hour or so, he becomes bolder. Gorshkov: "We don't think about the FBI at all. Because they can't get us in Russia." FBI: "Right." Gorshkov: "Your guys don't work in Russia." Unbeknownst to Gorshkov and Ivanov, the agents had installed onto the "company's" computers a program that logged the young men's keystrokes as they were accessing the tech.net.ru systems in Russia. That allowed U.S. law enforcement to obtain the hackers' passwords. At about 5 p.m., the company officials offer to take Gorshkov and Ivanov to the flat that has been rented for them. After a short drive, the car doors burst open and someone shouts: "FBI -- Get out of the car! Get out of the car with your hands behind your back," according to a transcript of the taped encounter. There's garbled conversation and then one of the hackers -- it isn't clear which one -- starts pummeling the vehicle. "It's not my car," one of the FBI agents says. "Yeah, you can hit it. I don't care." A few hours later it was over. Gorshkov and Ivanov were in jail. And FBI computer specialists were preparing to enter the hackers' computers in Russia. They would eventually download 2,700 megabytes of data -- hacking programs, extortion letters, credit card numbers -- to help them build their case. Morgenstern didn't hear about the arrests until early 2001, a few months after they happened. By that time, he had managed to sell his business for a tidy sum to a competitor (he still serves as an executive). He wasn't sure whether Gorshkov and Ivanov were in fact the men he talked to on the phone but he knew they were somehow linked because they all identified themselves as part of the "Expert Group." He had mixed feelings about the sting. He was angry at the men for jeopardizing his business but he had come to understand that perhaps they had little choice in doing what they did. "It isn't their fault that they were born in a place where they don't have opportunities," Morgenstern said. Gorshkov pleaded innocent but was found guilty of conspiracy, computer fraud, hacking and extortion. Last fall, he was sentenced to three years in prison and ordered to pay $700,000 in restitution. In a plea agreement, Ivanov acknowledged hacking into 16 companies, including E-Money, as well as a scheme to defraud payment service PayPal by using stolen credit card numbers to set up accounts. Ivanov is likely to be sentenced this summer (2003) and faces up to 20 years in prison and a $250,000 fine. The FBI sting operation was held up as a example of the ingenuity of American law enforcement. Two of the agents who set up the sting -- Marty Prewett and Michael Schuler -- won outstanding criminal investigation awards from the agency's director. But there was still a little problem. In a series of interviews with investigators that took place over the next year, Ivanov acknowledged that he hacked E-Money but that he was not Alex and Gorshkov was not Victor as U.S. authorities initially had believed. Someone else had been on the phone with Morgenstern, he claimed, and that someone else was still in Russia. And U.S. authorities continue their investigation to this day. It is unlikely the third person alluded to will ever come to the United States. A copy of a Press Release regarding Russian Computer Hacker Convicted by Jury (October 10, 2001) is available by the following link: www.cybercrime.gov/gorshkivconvict.htm. Additional information about cybercrime is available at www.cybercrime.gov. *** FAIR USE NOTICE. This message contains copyrighted material the use of which has not been specifically authorized by the copyright owner. This Internet discussion group is making it available without profit to group members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of literary, educational, political, and economic issues, for non-profit research and educational purposes only. I believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner, in this instance Washington Post Company. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml ------------------------------ TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, Yahoo Groups, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 50 Independence, KS 67301 Phone: 620-402-0134 Fax 1: 775-255-9970 Fax 2: 530-309-7234 Fax 3: 208-692-5145 Email: editor@telecom-digest.org Subscribe: telecom-subscribe@telecom-digest.org Unsubscribe:telecom-unsubscribe@telecom-digest.org This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/ (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from * * Judith Oppenheimer, President of ICB Inc. and purveyor of accurate * * 800 & Dot Com News, Intelligence, Analysis, and Consulting. * * http://ICBTollFree.com, http://1800TheExpert.com * * Views expressed herein should not be construed as representing * * views of Judith Oppenheimer or ICB Inc. * ************************************************************************* ICB Toll Free News. Contact information is not sold, rented or leased. One click a day feeds a person a meal. Go to http://www.thehungersite.com Copyright 2004 ICB, Inc. and TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. ************************ DIRECTORY ASSISTANCE JUST 65 CENTS ONE OR TWO INQUIRIES CHARGED TO YOUR CREDIT CARD! REAL TIME, UP TO DATE! SPONSORED BY TELECOM DIGEST AND EASY411.COM SIGN UP AT http://www.easy411.com/telecomdigest ! ************************ --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. End of TELECOM Digest V23 #492 ******************************