Computer underground Digest Wed Feb 4, 1998 Volume 10 : Issue 09 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.09 (Wed, Feb 4, 1998) File 1--Air Force & an Incomptent prosecution of "hacker"? File 2--THREE MYTHS ABOUT GOVERNMENT, MARKETS, AND THE NET (fwd) File 3--"Growing Up Digital", Don Tapscott File 4--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Wed, 7 Jan 1998 23:32:22 -0500 From: "George Smith [CRYPTN]" <70743.1711@compuserve.com> Subject: File 1--Air Force & an Incomptent prosecution of "hacker"? Source - CRYPT NEWSLETTER 46 January 1998 AIR FORCE INVESTIGATIVE OFFICE DEEMED INCOMPETENT DURING ROME LABS 'INFO-WAR' BREAK-IN "The cream of US military intelligence last week had their bungled attempt to prosecute a bedroom hacker thrown out by a British court," screamed the lead of a November 28, 1997 piece in the United Kingdom newspaper, The Guardian. Even as the President's Commission on Critical Infrastructure Protection was spinning yet more scenarios of imminent techno-Gotterdammerung, the wheels were coming off one of the U.S. military's most extensive public relations campaigns. Aimed at creating the image of menacing hackers in the employ of foreign powers, U.S. Air Force claims fell apart in English court, out of sight of the U.S. newsmedia as the U.K. press looked on and smirked. Matthew Bevan, 23, a hacker known as Kuji, walked out of a south London Crown Court a free man as prosecutors confessed it wasn't worth trying him on the basis of flimsy claims made by the U.S. military. Further, he was deemed no threat to national computer security. Since 1994, the U.S. government has used Bevan, and a younger partner, Richard Pryce, in reports by the Air Force, the Government Accounting Office, the Pentagon's Defense Science Board report on information warfare and the recent Marsh Commission, on the dangers posed by international terrorists using the worldwide computer networks to attack the United States. ". . . [the] story of the Bevan and Pryce cases shows [the Air Force's] forensic work to have been so poor it would have been unlikely to have stood up in court and convicted Bevan. The public portrayal of the two Britons as major threats to U.S. national security was pure hype," wrote Duncan Campbell for The Guardian. However, events really began in 1994, when the two young men broke into an Air Force installation known as Rome Labs, a facility at the now closed Griffiss Air Force Base, in New York. This break-in became the centerpiece of a Government Accounting Office report on network intrusions at the Department of Defense in 1996 and also constituted the meat of a report entitled "Security and Cyberspace" by Dan Gelber and Jim Christy, presented to the Senate Permanent Subcommittee on Investigations during hearings on hacker break-ins the same year. It is interesting to note that Christy, the Air Force Office of Special Investigations staffer/author of this report, was never at Rome while the break-ins were being monitored. Before delving into this in detail, it's interesting to read what a British newspaper published about Richard Pryce, known as Datastream Cowboy, then seventeen, about a year before he was made the poster boy by the GAO. In a brief article, blessedly so in contrast to the reams of propaganda published on the incident for Congress, the July 5, 1995 edition of The Independent wrote, "[Datastream Cowboy] appeared before Bow Street magistrates yesterday charged with unlawfully gaining access to a series of American defense computers. Richard Pryce, who was 16 at the time of the alleged offences, is accused of accessing key U.S. Air Force systems and a network owned by Lockheed, the missile and aircraft manufacturers." Pryce, a resident of a northwest suburb of London, was charged with 12 separate offenses under the British Computer Misuse Act. He was arrested on May 12, 1994, by New Scotland Yard. The Times of London reported when police came for Pryce, they found him at his PC on the third floor of his family's house. Knowing he was about to be arrested, he "curled up on the floor and cried." The Air Force's tracking of Pryce, and to a lesser extent, Bevan, was recounted in an eight page appendix to Gelber's and Christy's "Security and Cyberspace," entitled "The Case Study: Rome Laboratory, Griffiss Air Force Base, NY Intrusion." Pryce's entry into Air Force computers was originally noticed on March 28, 1994, when personnel discovered a sniffer program he had installed on one of the Air Force systems in Rome. The Defense Information System Agency (DISA) was notified. DISA subsequently called the Air Force Office of Special Investigations (AFOSI) at the Air Force Information Warfare Center (AFIWC) in San Antonio, Texas. AFIWC then sent a team to Rome to appraise the break-in, secure the system and trace those responsible. During the process, the AFIWC team of computer scientists -- not AFOSI investigators, a point not clearly made by the Air Force authors and one that becomes more important upon viewing the fallout and repercussions of the case -- discovered Datastream Cowboy had entered the Rome Air Force computers for the first time on March 25. Passwords had been compromised, electronic mail read and deleted and unclassified "battlefield simulation" data copied off the facility. The Rome network was also used as a staging area for penetration of other systems on the Internet. Air Force personnel initially traced the break-in back one step to the New York City provider, Mindvox. According to the Christy report, this put the NYC provider under suspicion because "newspaper articles" said Mindvox's computer security was furnished by two "former Legion of Doom members." "The Legion of Doom is a loose-knit computer hacker group which had several members convicted for intrusions into corporate telephone switches in 1990 and 1991," wrote Gelber and Christy. The Air Force then got permission to begin monitoring -- the equivalent of wiretapping -- all communications on the Rome Labs network. Limited observation of other Internet providers being used during the break-in was conducted from the Rome facilities. Monitoring told the investigators the handles of hackers involved in the break-in were Datastream Cowboy and Kuji. Since the monitoring was of limited value in determining the whereabouts of Datastream Cowboy and Kuji, investigators resorted to "their human intelligence network of informants, i.e., stool pigeons, that 'surf the Internet.' Gossip from one 'Net stoolie to Air Force investigators uncovered that Datastream Cowboy -- [Richard Pryce] -- was from Britain. The anonymous source said he had e-mail correspondence with Datastream Cowboy in which the hacker said he was a 16-year old living in England who enjoyed penetrating ".MIL" systems. Datastream Cowboy also apparently ran a bulletin board system and gave the telephone number to the AFOSI source. The Air Force team contacted New Scotland Yard and the British law enforcement agency identified the residence, the home of Richard Pryce, which corresponded to Datastream Cowboy's system phone number. English authorities began observing Pryce's phone calls and noticed he was making fraudulent use of British Telecom. In addition, whenever intrusions at the Air Force network in Rome occurred, Pryce's number was seen to be making illegal calls out of Britain. Pryce travelled everywhere on the Internet, going through South America, multiple countries in Europe and Mexico, occasionally entering the Rome network. From Air Force computers, he would enter systems at Jet Propulsion Laboratory in Pasadena, California, and the Goddard Space Flight Center in Greenbelt, Maryland. Since Pryce was, according to Air Force investigators, capturing the logins and passwords of the networks in Rome Labs, he was then able to get into the home systems of Rome network users, defense contractors like Lockheed. By mid-April of 1994 the Air Force was monitoring other systems being used by the British hackers. On the 14th of the month, Kuji logged on to the Goddard Space Center from a system in Latvia and copied data from it to the Baltic country. According to Gelber's report, the Air Force observers assumed the worst, that it was a sign that someone in an eastern European country was making a grab for sensitive information. They broke the connection but not before Kuji had copied files off the Goddard system. As it turned out, the Latvian computer was just another system the British hackers were using as a stepping stone; Pryce had also used it to cover his tracks when penetrating networks at Wright-Patterson Air Force Base in Ohio, via an intermediate system in Seattle, cyberspace.com. The next day, according to the AFOSI report, Kuji was again observed trying to probe various systems at NATO in Brussels and The Hague as well as Wright-Patterson. On the 19th, Datastream Cowboy successfully returned to NATO systems in The Hague through Mindvox. The point Gelber and Christy were laboriously trying to make was that Kuji -- Matthew Bevan -- a 21-year old, was coaching Pryce during some of his attacks on various systems. By this point, New Scotland Yard had a search warrant for Pryce with the plan being to swoop down on him the next time he accessed the Air Force network in Rome. In April, Datastream Cowboy penetrated a system on the Korean peninsula and copied material off a facility called the Korean Atomic Research Institute to an Air Force computer in Rome. At the time, the investigators had no idea whether the system was in North or South Korea. The impression created was one of hysteria and confusion at Rome. There was fear that the system, if in North Korea, would trigger an international incident, with the hack interpreted as an "aggressive act of war." The system turned out to be in South Korea. It's worth noting that while the story was portrayed as the work of an anonymous hacker, New Scotland Yard already had a suspect. Further, according to Gelber's and Christy's report, English authorities already had a search warrant for Pryce's house. On May 12, British authorities pounced. Pryce was arrested and his residence searched. He crumbled, according to the Times of London, and began to cry. Gelber and Christy write that Pryce promptly admitted to the Air Force break-ins as well as others. Pryce confessed he had copied a large program that used artificial intelligence to construct theoretical Air Orders of Battle from an Air Force computer to Mindvox and left it there because of its great size, 3-4 megabytes. Pryce paid for his Internet service with a fraudulent credit card number. At the time, the investigators were unable to find out the name and whereabouts of Kuji. A lead to an Australian underground bulletin board system yielded nothing. On June 23 of 1996, Reuters reported that Matthew Bevan had been arrested and also charged in connection with the 1994 Air Force break-ins in Rome. Bevan was found in the same low-tech manner as Pryce. His phone number was eventually lifted by Scotland Yard from Pryce's seized PC. "Had it not been for Scotland Yard, the relatively innocuous Pryce and Bevan would never have been found and the U.S. Senate would still be hearing about cyberterrorists from faraway lands," wrote the Guardian's reporter. Lacking much evidence for conspiratorial computer-waged campaigns of terror and chaos against the U.S., the makers of Congressional reports nevertheless resorted to telling the same story over and over in 1996, three times in the space of the hearings on the subject. As a result, Pryce and Bevan appeared in "Security in Cyberspace" and twice in Government Accounting Office reports AIMD-96-84 and T-AIMD96-92 in 1996, which were essentially rewritten versions of the former with additional editorializing. Jack Brock, the author of these now famous GAO reports on hacker intrusions at the Department of Defense wrote, ". . . Air Force officials told us that at least one of the hackers [of Rome Labs] may have been working for a foreign country interested in obtaining military research data or areas in which the Air Force was conducting advanced research." This was not even close to the truth. [Alert Crypt Newsletter readers will recall Mr. Brock was a nominee in the 1996 Computer Virus Hysteria Awards.] But what were Bevan and Pryce really after? Not Air Force advanced research! Unless . . . you are one of those who are convinced the U.S. military is really hiding a flying saucer at Area 51 in Nevada. According to the Guardian account, Matthew Bevan was interested in little but gathering evidence confirming that Area 51 was a secret hangar for captured alien spacecraft. The Guardian news report was also extremely critical of Air Force computer scientist Kevin Ziese. Ziese, said the Guardian, "led a six-strong team [from San Antonio] whose members, or so he told Fortune magazine, slept under their desks for three weeks, hacking backwards until Pryce was arrested." "Since then, Ziese has hit the US lecture circuit and [privatized] his infowar business. As the WheelGroup corporation of San Antonio, he now sells friendly hacking services to top U.S. corporations," reported the Guardian. However, while the Guardian was accurate in its assessment of the trivial menace of Bevan and Pryce, it was off in its characterization of Ziese, missing the real target -- investigators from AFOSI and the authors of the Gelber/Christy report, according to information supplied in interviews with Ziese. Ziese commented to Crypt Newsletter that he "[had] not hit the lecture circuit." He added that he was amused by the content of the article in the Guardian and that "to date, no one has ever asked me even one question -- beyond my initial deposition to New Scotland Yard in 1996 -- regarding the Rome Lab case!" Digging more deeply into the story, the evidence gathered on the Rome Labs break-in can be separated into two distinct classes. "The first," said Ziese," [was] the deposition I gave sometime in and about May of 1996 to New Scotland Yard." The second is the same shopworn story the "extremely incompetent criminal investigators had gathered originally," he added. It was the investigators from the Air Force Office of Special Investigations, not the group of computer scientists from the Air Force's Information Warfare Center in San Antonio -- which Ziese led -- who peddled the Rome Labs break-in as evidence of international spying. "Unbeknownst to the public at large, we had a very complete set of tools [and a] chronology," said Ziese. "It was the criminal investigators who tied our hands, lost critical pieces of data and refused to allow us to testify/discuss the case. "They wanted to make a mountain out of a molehill." In this, they were successful. ". . . it was incompetent criminal investigators who saw a spy under every rock," Ziese continued, "not the computer scientists I brought with me to Rome." AFOSI was responsible for the "hogwash that has been published to date about the Rome Lab attacks." By the English account, the evidence submitted by the U.S. military investigative team was almost worthless: "[E-mails] of edited files that had been relayed to Ziese and others." A desire for secrecy also backfired on the Air Force. In May of this year, the Air Force declined to allow Bevan's defense to look at the test programs they claimed to have used to monitor his intrusions and " . . . having set traps to catch hackers, [the Air Force] neglected to produce before and after file dumps of the target computers." The result was: "In the end, all the Americans handed over was patchy and circumstantial evidence that their computers had been hacked from Britain." In March of this year, Richard Pryce -- now 19 -- was fined 1,200 pounds for offenses related to unauthorized access in connection with the break-ins at Rome Labs. ============================ In sort of related news: About the same time the wheels were coming off the Rome Labs myth, a similar fate was being meted out to the hoary tale of electromagnetic pulse gun attacks on banks in the United Kingdom. Alert Crypt Newsletter readers already know the publication has dissed the legend of the non-nuclear electromagnetic pulse (HERF, microwave, radio frequency) gun as the chupacabras of cyberspace for the last two years. On December 4, a British journalist for TechWeb dubbed them the same. These stories are nonsense, said Michael Corcoran of Britain's Defense Evaluation and Research Agency, for TechWeb. "There are no radio-frequency weapons out there that anyone is in a position to use against banks." Corcoran then waffled for the publication and equivocated that they might be sometime in the future. ======================= Editor: George Smith, Ph.D. INTERNET: 70743.1711@compuserve.com crypt@sun.soci.niu.edu http://www.soci.niu.edu/~crypt Mail to: Crypt Newsletter 1635 Wagner St. Pasadena, CA 91106 ph: 626-568-1748 ------------------------------ Date: Thu, 22 Jan 1998 09:43:09 -0500 From: Paul Kneisel Subject: File 2--THREE MYTHS ABOUT GOVERNMENT, MARKETS, AND THE NET (fwd) Since we've been talking about the proper role of the government in the IT market, I thought I'd post a quickie critique I wrote of the Clinton Admin's "Framework for Global Economic Commerce," which a number of issues that have appeared in the discussion of Microsoft. Anders Schneiderman Progressive Communications Wed, 21 Jan 1998 ---------------------------------------- THREE MYTHS ABOUT GOVERNMENT, MARKETS, AND THE NET: A SPECIAL REPORT ON THE CLINTON ADMINISTRATION'S PLANS FOR GLOBAL ELECTRONIC COMMERCE "A cutting-edge, history-making blueprint." That's what Newsweek columnist Steven Levy calls the Clinton Administration's grand plan for the Internet's future. "A Framework for Global Electronic Commerce" was released on July 1 to a chorus of favorable reviews. Some commentators fretted about its position on encryption and privacy, but overall, it earned high marks. The reason for this praise? Because, as Levy says, "the report bluntly asserts that the most important thing the govern can do about [the Net] is _get the hell out of the way_." Let the free market work its magic. The Clinton Administration report is a perfect example of how far Newt Gingrich and others have come in creating the myth of Government Bad, Free Enterprise Good. If we patiently troll through this document's murky prose, we can reveal glimpses of our society's confusion about how markets and government work. MYTH #1: THE MARKET IS ALWAYS SMARTER THAN THE GOVERNMENT. The Clinton Administration's report is based on a simple principle: "the private sector should lead." Why? Because "innovation, expanded services, broader participation, and lower prices will arise in a market-driven arena, not in an environment that operates as a regulated industry." This raises an obvious question. If the government is so incompetent, why did the Internet come from Uncle Sam and not CompuServe or AOL? Why did the private sector have to play catch-up with this stellar innovation? The report knows this is a problem, so it tries to gloss over this unpleasantness as quickly as possible. It says, "though government played a role in financing the initial development of the Internet, its expansion has been driven primarily by the private sector." But the only reason the private sector is in the driver's seat is that Uncle Sam handed over the keys. Netscape succeeded because it ripped off the University of Illinois and U of I didn't fight back. More generally, the Clinton Administration pulled the government out of the business of developing the Net. You can argue whether or not this was a good decision, but it's hard to see the Net's history as evidence that the private sector _must_ lead. Our myopia about the Net's history is a classic example of the trouble Americans have acknowledging how government facilitates the economy. Conservatives like to say, let's get back to the glory days of the 1950s, when the government left the private sector alone. And they're right, it did mostly stay out of the market. Except for the military, which nurtured the electronics and computer industries. And the FHA and VA, which underwrote half the houses in the 'burbs. And the massive highway building programs that helped people commute between the 'burbs and the city and expanded the auto market. And the GI Education Bill and government grants that paid for the explosive growth of higher education. And the NIH, the NSF. Medicare, and Medicaid programs that poured massive money into the health care system. And the tax breaks that underwrote a new system of pensions. And of course there's agriculture. And banking. But aside from computers, electronics, housing, construction, cars, education, health care, agriculture, and banking--and, indirectly, steel, plastic, and concrete--government hasn't done a thing to help our economy. MYTH #2: GOVERNMENT REGULATIONS ARE BAD FOR MARKETS Even if the government did a great job creating the Internet, maybe it's time to turn it over to the free market. The Internet is moving so fast that government bureaucrats may not be able to keep up. That's what the Clinton Administration thinks. According to the Executive Summary, "The Internet should develop as a market driven arena not a regulated industry." But this bold statement isn't the whole story. The report also says that "governments must adopt a non-regulatory, market-oriented approach to electronic commerce, one that facilitates the emergence of a transparent and predictable legal environment to support global business and commerce." In other words, the government should butt out, except for one, little, minor task. It must create a vast new infrastructure to make Net commerce work. The problem is simple. If the government really butts out, Internet commerce will die. The day the report came out, Sun Microsystems director Dennis Tsu complained to the press that the U.S. wasn't aggressive enough about expanding intellectual property rights, patents, and copyright protection. Net commerce depends on them. So if Net commerce is to flourish, we need to radically change our legal system. For example, in the next few years there will be a huge brawl over copyright law. Right now, most Netizens ignore copyright rules. The Net grew so rapidly because no one worried about whether they were violating intellectual property law. "Information wants to be free!" was the Net's motto. But now that there's money to be made, Sun and Microsoft and IBM and Times-Warner and all the other players want a new set of rules that make damn sure this attitude goes away. And they need the government to do it for them. The government is also needed to create online equivalents of money, signatures (for signing contracts), and other fundamental features of Net mass commerce. The industry can take the lead in developing these standards, but none of it will work if the government doesn't enforce them, because ultimately only the government can create legally-binding courts or cash. The report tries to get around this paradox by using one of the clever shell games conservatives have adopted: we don't want 'government,' just contracts and courts. When the government must intervene, the report says, it "should establish a predictable and simple legal environment based on a decentralized, contractual model of law rather than one based on top-down regulation." For those of you who have an infant, I have a piece of advice: tape that sentence over their crib. It's the Corporate Lawyer Full Employment Act. The computer world is already lawsuit-crazy, and if Clinton--a lawyer by training--has his way, we'll be up to our eyebrows in 'em. This isn't less government, it is more lawyers. Far from decreasing the scope of regulation, this approach will increase it. Nathan's column in this issue of E-Node tells the story of the ISPs and AT&T, where attempts to get the government out of the market have led to more government, not less. This paradox is evident throughout the report. The report warns against "potential areas of problematic regulation," one of which is "rate regulation of [Internet] service providers." But while protecting us from Internet service providers (ISPs) is bad, protecting ISPs from the phone companies is good. The report warns that "monopolies or dominant telephone companies often price interconnection well above cost, and refuse to interconnect because of alleged concerns." In other words, if Clinton really let competition loose, the phone companies would simply refuse to let ISPs connect up to their customers: you want to serve 'em, you run wires to their houses. So government should butt out--except where it must butt in. As a result of this sophistry, the report is littered with sentences like, "genuine market opening will lead to increased competition, improved telecommunications infrastructures, more customer choice, lower prices and increased and improved services." Translation: every few years, we will hold a fascinating philosophical debate over the proper definition of a "genuine market." Federal courts and bureaucrats will hand out billion-dollar prizes to the debate winners in the form of regulations and court decisions, which spell out in excruciating detail how we will ensure we have "genuine markets." This is less government? Finally, as someone who loves the Internet, I'd argue that if some of the anti-government fears are realized and the government does slow down the pace of innovation a little, that might not be such a bad thing. Today, companies scrambling to survive are forced to throw in new features and create new toys without knowing whether they work well or are even useful. To solve many serious Net problems, we need more thoughtfulness, not more speed. Maybe a little sand in the wheels is a good thing. MYTH #3: IF THE GOVERNMENT GETS OUT OF THE WAY, WE'LL ALL BENEFIT. The last myth is that market competition is good for everybody. As noted above, the report insists that "Innovation, expanded services, broader participation, and lower prices will arise in a market-driven arena, not in an environment that operates as a regulated industry." That's why "where governmental involvement is needed, its aim should be to support and enforce a predictable, minimalist, consistent and simple legal environment for commerce," and not, say, justice, fairness, or other bleeding-heart concerns. This approach makes cheery assumptions about the world that experience does not bear out. In a recent issue of Salon Magazine, Andrew Leonard points out one example that's already reared its ugly head: privacy. The Administration wants the market to take the lead in developing standards for protecting consumer privacy. But so far, says Leonard, the market-driven Open Profiling Standard proposal has no means "for taking care of the basic problem of whether or not information should be collected in the first place." There's a good reason for that: "The desire for online privacy runs directly at odds with one of the most attractive aspects of doing business online -- the Net's capacity for helping target marketing and advertising efforts directly at specific users." Consumer choice ends where corporate needs begin. Experience has also shown us that increased competition can have a paradoxical effect: sometimes more competition means that fewer, not more, people benefit. In a terrific article in Newsweek last year, Marc Levinson showed that in the the financial world, banks don't _want_ to compete for most of us. On average, "20 percent of households account for almost all of consumer-banking profits, while three out of five customers are money losers." That means that if there's more competition, the banks will compete to attract the 20 percent who generate profits and they will compete to dump the 60 percent who don't. As Nathan demonstrated in his last two E-Node columns, we see similar economics in electrical and telephone services. When competition kicks into high gear in some markets, companies understandably focus on "cream skimming" the customers who can turn a profit. If the same holds true for Internet commerce in general, then far from leading to high-quality universal access, more competition could leave a lot of us worse off. The final example of the disconnect between who markets are supposed to help and who they really do help is the tricky issue of taxes. Most accounts of the report's conclusions about taxes make the same mistake that Steven Levy makes. According to Levy, the report argues that "one thing governments should most decidedly _not_ do is tax the Internet"--it should be a "tariff-free zone." In other words, the government should not stifle the Net's explosive growth with taxes. There's an obvious problem with this approach. If the Net is tax-free, then anybody with any sense will move every sales transaction onto the Net that they can. Even if Net commerce isn't more efficient--even if it's a little less efficient--you'll save money. Needless to say, that would strongly penalize many people who don't have access to the Net, particularly poor folk. But the most devastating effect would be on state and local government. On June 24th, a few days before the report was due out, the U.S. Conference of Mayors passed a resolution telling the Feds to butt out of the question of how Net commerce should be taxed. That's because state and local governments are terrified. Without revenue from sales taxes, local services and the people that depend on them will be road kill (for more details, see the report, "Prop 13 Meets the Internet," at http://garnet.berkeley.edu:3333/). And that's the reason why the Administration's report does _not_ advocate making the Net tax-free. This is what the report says: "the United States believes that no new taxes should be imposed on Internet commerce." No new taxes, but what about the old ones? The report doesn't really say. Its authors know that there is a problem. At one point, it proclaims that "no tax system should discriminate among types of commerce, nor should it create incentives that will change the nature or location of transactions." But this is more of a wish than an answer. So how does the Administration propose solving this problem, this life-and-death issue that will determine the fate of all state and local governments and the people who rely on them? Very simply: "No new taxes should be applied to electronic commerce, and states should coordinate their allocation of income derived from electronic commerce." Got it? No "new" taxes. Just somehow, magically, we're going to collect the same revenue local governments used to obtain from sales tax and we'll divvy it up so it works out just like it used to. Having dumped the readers into a very murky swamp, the report then pushes us in further with its next sentence: "Of course, implementation of these principles may differ at the [state and local] level where indirect taxation plays a larger role." And in case our heads are still above water, one more shove: "the system should be simple and transparent," "capable of capturing the overwhelming majorities of appropriate revenues" while "minimiz[ing] burdensome record keeping and costs for all parties." This is a cutting-edge, history-making blueprint? This is more like one of those challenges they give engineering students where they say, here's 20 boxes of toothpicks, 100 bowls of Lime Jello, and a magnifying glass, now build us a working model of La Guardia Airport. This is a recipe for disaster. CONCLUSION Economic markets are a wonder to behold. Like natural ecosystems, they can produce marvels that are hard to imagine occurring any other way. And like nature, ultimately they resist our control. Even with the best of intentions, clumsy attempts to nurture or direct economic markets can turn around and bite us. The experience of Europe's ham-handed attempts to force the creation of a European computer industry was not so different from the experience of people who live in flood plains, who learn the hard way that Mother Nature respects no engineer. But at the same time, we need to be careful that in respecting the power of markets we don't blind ourselves to the crucial role played by our government. Because when we do turn a blind eye, we stop debating an important question: who benefits? Who will reap the harvest from our tax dollars? Instead, those questions are settled in private, behind closed doors. That's not right. If Uncle Sam must ask his family to help tend the garden of the Internet, then all members of his family should partake of its bounty. ------------------------------ Date: Tue, 3 Feb 1998 07:54:42 -0800 From: "Rob Slade" Subject: File 3--"Growing Up Digital", Don Tapscott BKGRUPDI.RVW 971107 "Growing Up Digital", Don Tapscott, 1997, 0-07-063361-4, U$22.95/C$32.95 %A Don Tapscott %C 300 Water Street, Whitby, Ontario L1N 9B6 %D 1997 %G 0-07-063361-4 %I McGraw-Hill Ryerson/Osborne %O U$22.95/C$32.95 800-565-5758 fax: 905-430-5020 %O lisah@McGrawHill.ca %P 256 %T "Growing Up Digital: The Rise of the Net Generation" Don Tapscott apparently gets a lot of mileage out of the story about his kids being unimpressed by Tapscott's TV appearance that had him demonstrating how to surf the Web. According to Tapscott, this proves that his kids are N-Geners: yet another "generation", this one that has grown up with, and is attuned to, the massive international networks, and the technology behind them. Experienced network users might take a different interpretation from the story. Web surfing is a particularly pedestrian skill, if it is a skill at all, and "demonstrating" the use of a graphical browser, with its point and click interface, tends to be both pointless and rather boring for the observer. This book takes a rather dubious premise, and extends it as far as possible, and probably considerably beyond. In the first chapter Tapscott looks at demographics to chart the Baby Boom generation (those born from 1946 to 1964), Douglas Coupland's Generation X (1964 to 1978), and N-Gen (1978 to 2000). However, a look at real demographic statistics points out an unfortunate fact: while most of those in the N-Gen group will have heard of the net, and a great number might have had some experience on it, even among the singularly fortunate population of North America only a minority elite have regular and consistent access to it. The book itself appears to be based on research conducted with a small sample of subjects culled from a single site representing a ridiculously small number of individuals in comparison to the population of the United States alone. (A great deal of the book is based on self-reports from those subjects.) The N-Gen may come, but it probably hasn't been born yet. (The author does, rather frequently, admit that the presence of technology "haves" and "have nots" is a problem, but he never really analyzes the situation, the potential outcomes, or possible fixes. While there is an entire chapter devoted to the topic, it tends to recycle anecdotes rather than look seriously at the issue. In the course of the review I burst out laughing, and had to explain the guffaw to my wife by reading the sentence on page 266 that occasioned it: "Homeless people online at the local library can log on to the community information bulletin board to find beds in a shelter, a hot shower, or even medical and counseling services." Her response was an immediate and disbelieving "Yeah, right!" followed by the observation that the statement was pathetically naive and unrealistic. I really couldn't argue with her. I spend considerable time at our regional libraries, and while we are blessed with access to Freenet through all the card catalogue terminals, and have, in addition, a number of graphical Web browsing terminals, I can't say that I've ever seen one of the homeless looking up a shelter. The Vancouver CommunityNet and Victoria TeleCommunity Net seem to agree with me: they don't even have a listing for shelter for the homeless, although Vancouver does have one for wildlife. I think Tapscott has been getting his information from "Doonesbury.") One of the great unchallenged assertions of our day is that children feel more comfortable with technology, and learn it faster than adults. Tapscott holds fast to this premise, and uses it frequently in telling how our kids are going to be much different than we are, or were. His most important assertion based upon this fact is the Generation Lap, which he uses to mean that traditional teaching roles are becoming reversed as children are becoming instructors of their parents in regard to computers. There is only one problem: the central statement is not true. Those under the age of eighteen do not have any magical skill or empathy with technology. They are just as confused and frightened about technology as anyone else. If they tend to learn more than those around them, that has more to do with the general lack of experience with computing in the population as a whole. If I have dealt with many adults who couldn't remember that a Window out of sight is not also necessarily out of memory, I have equally taught children who were so afraid of computers that they wouldn't input a program without typing on a typewriter first, and others who had so much trouble with the concept of double clicking that they had to be taught to click and then hit return in order to invoke a program. Even if it were true, though, that children learn software applications by some sort of effortless osmosis, I fail to understand why that would automatically lead to an understanding of the fundamental technologies involved, as Tapscott implies when talking about education. The book does make some interesting observations. Those who use the net tend to accept diversity, to be more curious, and to be confident. However, these occasional insights tend to be buried in a mass of commentary that is either trivial and obvious (computers are fun!) or questionable (the Internet automatically teaches children how to learn). Repeated statements about the "success" enjoyed by some of the young people contacted in the course of writing the book seem to say much more about entrepreneurship than technology. A defence of the violence of video games makes a weak nod toward the work of Bandura, but unconvincingly states that it really isn't important. (The makers of violent computer games, toys, and television programmes will undoubtedly be relieved to hear it.) Some points in the book may well be true, but unhelpful. Tapscott's statement that mass education is a product of the industrial economy falls into this category. "Individual" instruction probably *is* better for the student. The text fails, however, to look at how such education might realistically (and economically) be provided, and how a free-for-all curriculum might result in some kind of graduation or assessment that would convince potential employers as to the skills of the products of this type of schooling. (OK, that statement is a product of an industrial economy too. Generalize it, then: how are we to know anything about the success of such an educational system?) Other parts of the book are best described as pseudoprofound. There are frequent quotes from the young participants that, on first glance, seem to point out some kind of new age wisdom. Chapter ten has the N- Gen focus group express surprise that adults would have trouble sharing information: a relatively easy statement to make if you have never put a lot of work into study and the development of information. Given a moment's thought, though, the statements tend to demonstrate a kind of naive ignorance. This is simply a result of lack of experience and study of history on the part of the young. It is not their fault, of course, and may provide a brief moment of amusement in comparing their blind spots with our own. Those who are experienced with the net will find that this book doesn't say anything that isn't pretty widely known already. But I dare say the knowledgeable user is not the target audience. For the uninitiated, then, Tapscott provides a bewildering variety of new insights. I use the word bewildering deliberately, since many of these insights are either trivial or untrue, and it will be quite difficult for the reader from the general public to sort the wheat from the chaff. copyright Robert M. Slade, 1997 BKGRUPDI.RVW 971107 ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File 4--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.09 ************************************