David Cassel (destiny@wco.com)
Wed, 23 Oct 1996 15:49:54 -0700 (PDT)
CNN is reporting that today the FBI "hinted" they were close to making an arrest in the child pornography spam. Stories have appeared in Reuters, the Associated Press, CNN, and the Washington Post. Reuters reported that AOL was "deluged" with complaints, and said the FBI observed tips came to their offices "around the country". More interesting, an AOL officer told Reuters the account holders were not the ones who sent the mail. Hackers have been boasting about the capability to access any AOL account--without a password--since last spring. Some speculate hackers had moles in AOL's customer service department--when the editor of Internet Underground magazine contacted hackers for a story, they offered to recite his credit card number as proof. In July the Florida Times- Union reported AOL's Florida customer service building housed an employee who helped "hijack" customer credit card numbers. When arrested and convicted, he implicated two other employees [7/7/96]. AOL caught 38 of their own staffers in a June raid on the Warez chat room. And to this day, one hacker's web page contains screen shots of AOL's internal software. (http://www.netvirtual.com/blank/aol/) Even Reuters has picked up on AOL's low-security climate. Their story noted that "Hackers have in the past established bogus America Online accounts using stolen credit card numbers and the signup disks the service widely distributes..." The Washington Post reported 370,000 fake accounts were created between March and June [9/16/96]). That lends an odd context to the child pornography spam. Earlier this year AOL's postmaster collected the tens of thousands of messages Cyberpromotions sent to invalid addresses--then bounced them back, all at once. Cyberpromotions saw this as a vindictive prank, and took AOL to court, but some netizens lauded AOL for their effective retaliation. But today a University of Maryland graduate student told the San Francisco Examiner he received ten pieces of spam advertising a program called AKIMA--giving the same address in Jackson Heights. The student said he believes the child pornography mail was retaliation for the earlier spams advertising AKIMA--a program which, ironically, allows mass e-mailing to AOL subscribers. This raises the question: was the child pornography spam a variation of the postmaster's prank, perpetrated by someone within AOL? Their customer service department's ties to the hacker community beg the question. In September, speaking about unwanted spam, Steve Case said "this is the number one complaint we hear from our members." Either way, the event is being used to push pre-existing agendas. In an interview with the San Francisco Examiner, a federal law enforcement official "said it is apparently not against the law to pull a hoax on the Internet." And CNN took this opportunity to link to their "related" story, "Pedophiles stalk internet for victims". In September they had interviewed two customs agents, reporting that the two "said they become suspicious when someone offers pictures of celebrities--often a code word for child pornography." Coincidentally, CNN cites them as the agents who arrested Robert Green and Richard Russell--the school teachers running the child pornography ring on America Online (mentioned in a previous update). The Customs agents told CNN the teachers had "used computers to lure children to a certain location, where they would be molested." The Phoenix Gazette reported the men would then produce videotapes of the children they met on America Online. One of the boys was 11, the other 15; they were paid $15 each. Ironically, news of the account breach came from AOL's public affairs officer William Burrington, who was last seen at the Philadelphia trial for the Communications Decency Act, where Declan McCullagh's dispatch said he characterized AOL "as a 'resort pool with lifeguards' next to the wild, untamed ocean of the Internet". Current events don't bear that out. Part of the problem is their resort pool offers an unlimited supply of fake screen names--and apparently, the security on them isn't foolproof. (Even with the "lifeguards"...) In 1995 Burrington also testified before Congress about AOL's child pornography problems. He attributed the trafficking to "a very small percentage of its customers." An article in the Boston Phoenix, noting Burrington's "wind-tunnel-resistant hair", suggested the obvious follow-up question would be, "what percentage of members who traffic in child pornography is acceptable to AOL?" Watch for a story about this in tomorrow's Netly News (http://www.netlynews.com) Destiny More information - http://www.wco.com/~destiny/porndex.htm ~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~ Please forward with headers in-tact. To subscribe to this moderated list, send a message to MAJORDOMO@CLOUD9.NET containing the phrase SUBSCRIBE AOL-SUX in the message body. ~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~++~