MobileRead Forums - View Single Post - Forum operator sued for a wrongful username

hacker · 06-12-2005, 08:10 PM

This reminds me of when I ran a BBS back through most of the 80's while I was in high-school and for a few years afterwards... "hacker heaven BBS" (not part of the "Cherry Hill Gang's BBS of the same name).

I was carrying lots of e-Zines (Phrack, T@P, Zone, lots of others) and I also had several thousand source files for viruses online for other developers to learn from. I also had an online database (ran through "Doorway") that would let anyone look up viruses, check their affects, and other data on them. I never carried any cracks, hacks, or other copyrighted material. JUst lots of information, lots of files, and lots of message bases, organized into categories for almost every topic.

I was petitioning for access into Fidonet, and knew my local Node Coordinator personally. We manage to secure "1:320/2600" (get it? 2600? <grin>) as my Fidonet address (really, you can Google it).

I was also a strong privacy advocate, even back then. I had several message bases dedicated to privacy, and one of them was exclusively for PGP encrypted messages. I didn't know or care what went on through that message base, as long as it remained encrypted with PGP. It was pretty popular.

Since my message bases were gated through other nodes upstream, they started "losing" my PGP message bases, then eventually all of my other message bases. They demanded that I "decrypt" these messages and check to make sure nothing illegal was happening, and scan every message for viruses.

"Decrypt" PGP messages... yeah sure, I'll get right on that.

Eventually the upstream node coordinators got fed up with my policies, and the fact that I refused to decrypt the messages or reduce the privacy of my users. They even said I was "required" to get a real name, phone number, and physical mailing address of my users.

Why? Why would I ever want or need that information? How would I know it was valid? Am I going to call all of my users just to "check" on them? Heck no.

My BBS required two things to sign up:

1. A username, preferrably not your "real" name
2. A password, preferrably a strong one

That's it. From that point, you got 90 minutes per-day to do whatever you wanted on the site.

So myself and my friend (the upstream node coordinator I was echoing message bases through) decided to start gating Usenet into our message bases, and back to Usenet. We both ran OS/2 at the time, and a developer who wrote the newsgate software (Watergate) wanted our help to beta test it. This was my first venture into Open Source and collaborative development.

It was my also first "real" exposure to the Internet.

From here, I joined a group called "NirvanaNET", which believed in the same sort of privacy and Freedom of Speech issues that I did. After a pretty rigorous voting period, I was allowed in. This was my first real experience with a lot of issues related to oppression, freedom of speech, and many other topics which I hold dear today. I'm still listed out there in some of their text files.

To bring this full-circle, I was persecuted by the upstream node coordinators, who were deleting my users messages, censoring our communication, and making it hard for anyone to talk to anyone else. They were holding me personally responsible for allowing my users to remain anonymous, private, and for giving them tools to ensure their privacy and security.

(You can read more about it over here, at an old version of my biography page)

This kind of activity disgusts me, and I will continue to fight against it every time I see it, including this one.

06-12-2005, 08:10 PM	#8
hacker Technology Mercenary Posts: 617 Karma: 2561 Join Date: Feb 2003 Location: East Lyme, CT Device: Direct Neural Implant	This reminds me of when I ran a BBS back through most of the 80's while I was in high-school and for a few years afterwards... "hacker heaven BBS" (not part of the "Cherry Hill Gang's BBS of the same name). I was carrying lots of e-Zines (Phrack, T@P, Zone, lots of others) and I also had several thousand source files for viruses online for other developers to learn from. I also had an online database (ran through "Doorway") that would let anyone look up viruses, check their affects, and other data on them. I never carried any cracks, hacks, or other copyrighted material. JUst lots of information, lots of files, and lots of message bases, organized into categories for almost every topic. I was petitioning for access into Fidonet, and knew my local Node Coordinator personally. We manage to secure "1:320/2600" (get it? 2600? <grin>) as my Fidonet address (really, you can Google it). I was also a strong privacy advocate, even back then. I had several message bases dedicated to privacy, and one of them was exclusively for PGP encrypted messages. I didn't know or care what went on through that message base, as long as it remained encrypted with PGP. It was pretty popular. Since my message bases were gated through other nodes upstream, they started "losing" my PGP message bases, then eventually all of my other message bases. They demanded that I "decrypt" these messages and check to make sure nothing illegal was happening, and scan every message for viruses. "Decrypt" PGP messages... yeah sure, I'll get right on that. Eventually the upstream node coordinators got fed up with my policies, and the fact that I refused to decrypt the messages or reduce the privacy of my users. They even said I was "required" to get a real name, phone number, and physical mailing address of my users. Why? Why would I ever want or need that information? How would I know it was valid? Am I going to call all of my users just to "check" on them? Heck no. My BBS required two things to sign up: 1. A username, preferrably not your "real" name 2. A password, preferrably a strong one That's it. From that point, you got 90 minutes per-day to do whatever you wanted on the site. So myself and my friend (the upstream node coordinator I was echoing message bases through) decided to start gating Usenet into our message bases, and back to Usenet. We both ran OS/2 at the time, and a developer who wrote the newsgate software (Watergate) wanted our help to beta test it. This was my first venture into Open Source and collaborative development. It was my also first "real" exposure to the Internet. From here, I joined a group called "NirvanaNET", which believed in the same sort of privacy and Freedom of Speech issues that I did. After a pretty rigorous voting period, I was allowed in. This was my first real experience with a lot of issues related to oppression, freedom of speech, and many other topics which I hold dear today. I'm still listed out there in some of their text files. To bring this full-circle, I was persecuted by the upstream node coordinators, who were deleting my users messages, censoring our communication, and making it hard for anyone to talk to anyone else. They were holding me personally responsible for allowing my users to remain anonymous, private, and for giving them tools to ensure their privacy and security. (You can read more about it over here, at an old version of my biography page) This kind of activity disgusts me, and I will continue to fight against it every time I see it, including this one.