From: Steve Uhrig Date: Thu Jan 17, 2002 8:37am Subject: Re: Electronic Harassment Sweepers Once upon a midnight dreary, Hawkspirit pondered, weak and weary: > http://www.siin.com/invres.html This guy is Ronald Rhodes. He tried to rip me off for a few hundred dollars in a business deal last year, and I had to get some letters to knock on his door to get him to make good. He has a felony theft record for stealing some laser components from a company and peddling them on ebay. He's in his twenties. He also runs two other websites, one selling vaporware kits and the other an anti government type site. Stay far away from this guy. I had looked into filing a complaint against him in California, claiming to be a PI when he is not, but did not pursue that when he made good on the deal after trying to rip me off. I'm sure the State's Attorney would be mildly interested in him. I believe I posted a warning about him last year around the time we knocked heads. That message should be in the archives if anyone cares. If anyone else has had, or tried to have, business deals with this guy and you got cheated, I will share my file with you. I have copies of his criminal records and a good bit of other stuff. Those of you out there who are PIs should be especially incensed by this sort of thing (meaning his website listed above) because this is what the public sees of your profession. Can't blame them if they read the site and judge the entire profession. He's a hotdog, answers all the messages on his bulletin boards pretending to be someone else and pumping up his products, and referring to himself in the third person. I don't know how many people see through him doing that. Steer clear of this guy. I am sure Roger was posting the info merely as a curiosity as to how far some people think they can go without ultimate sanctions. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4564 From: Date: Thu Jan 17, 2002 4:19am Subject: Re: Re: Electronic Harassment Sweepers In a message dated 1/17/02 6:47:28 AM Pacific Standard Time, steve@s... writes: << He also runs two other websites, one selling vaporware kits and the other an anti government type site. >> Would you please share these with the rest of the list? Thanks, M. 4565 From: Steve Uhrig Date: Thu Jan 17, 2002 9:45am Subject: Ripoff Artist Mikie asked: << He also runs two other websites, one selling vaporware kits and the other an anti government type site. >> > Would you please share these with the rest of the list? Ask and it shall be given unto you. www.plans-kits.com www.siin.com www.getexempt.com > Having stolen items nets sentence The San Diego Union - > Tribune; > San Diego, Calif.; Sep 7, 2000; Onell R. Soto; > Abstract: Ronald Rhoades, 25, pleaded no contest last month > to possessing lasers stolen from Melles Griot, a Carlsbad > manufacturer of industrial lasers, after company officials > noticed their products for sale on the Internet auction site > eBay. > Rhoades also pleaded no contest to possessing an illegally > shortened .22-caliber rifle and nunchakus, outlawed martial > arts weapons. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4566 From: Dr. Pepper Date: Thu Jan 17, 2002 9:59am Subject: RE: Re: Record device Radio Shack makes such a device for about 20 bucks. I've used it for years, and it works great. -----Original Message----- From: Steve Uhrig [mailto:steve@s...] Sent: Wednesday, January 16, 2002 7:45 PM To: TSCM-L@yahoogroups.com Subject: [TSCM-L] Re: Record device Once upon a midnight dreary, zack pondered, weak and weary: > Due to experiences which have occurred within the past few > days, I would like to enlist this list for some information. I > am looking for a modest price recording device which would > record phone conversations as soon as I pick up the phone, > taking into account I also use the same line for Internet use. > ( long play with time/date ). PS..... I live in a state with > one party only knowledge as to recording. Very easy problem. Connect a tape recorder to your phone line via any standard method, and start the recorder manually when you make or receive a call you wish to record. Since you are in a one party consent state, you are OK as the one party, and it would only be your own calls you would be recording, so you merely can start the machine yourself when needed. That way, you won't fill the tape needlessly with Internet noise/data instead of voice. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4567 From: Hawkspirit Date: Thu Jan 17, 2002 11:18am Subject: TSCM article Here is a pretty good article http://www.securitymanagement.com/library/000464.html 4568 From: A Grudko Date: Fri Jan 18, 2002 6:42am Subject: Bin Ladin rights Just a thought, reading another group's comments yesterday on the legal issues of audio serveillance in the US - a bit off the wall and not intended to give any support to OBL or any criminals... I'm thinking about the video tape which was 'found' about a month ago in Afghanistan where someone resembling OBL 'boasted' about 9/11 to another Saudi. News reports implied that this was a covert recording - done without OSL's knowledge, a roaming concealed camera on someone else's property recording a private meeting. The 'cameraman' or perhaps 'secret agent' is unknown so not available to testify to the circumstances of the event or authenticity of the tape. If this tape is used to try to prosicute someone, wouldn't a US criminal Court refuse to accept it as evidence under normal conditions? I do realise these are not 'normal' conditions and that governments can and do grant themselves powers which trample over people's rights in times of emergency. Before I get flamed; I do not support OBL's group or actions I'm not looking for a loophole for him to grovel to the caves through I'm not anti-American. Andy Grudko D.P.M., Grad I.S, (S.A.) - Grudko Associates - www.grudko.com , Est. 1981 International business intelligence and investigations - ICQ 146498943 Johannesburg (+27 11) 465 9673 - 465 1487 (Fax), Pretoria (+27 12) 244 0255 - 244 0256 (Fax) SACI, WAD, CALI, SAMLF, UKPIN, AFIO (OS), IWWA, PRETrust, AmChamCom When you need it done right - first time 4569 From: Aimee Farr Date: Fri Jan 18, 2002 3:37pm Subject: CALEA decision http://laws.lp.findlaw.com/dc/005386.html U.S. DC Circuit Court of Appeals US TELECOM ASSN v FBI January 18, 2002 4570 From: James M. Atkinson Date: Fri Jan 18, 2002 3:46pm Subject: 4568 message on the Archive I just wanted to let the list know that we have an archive vailable of over 4500 list postings. http://groups.yahoo.com/group/TSCM-L/messages -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4571 From: William Knowles Date: Sat Jan 19, 2002 2:38am Subject: China Finds Bugs on Jet Refitted in U.S. http://www.washingtonpost.com/wp-dyn/articles/A5176-2002Jan18.html By John Pomfret Washington Post Foreign Service Saturday, January 19, 2002; Page A1 BEIJING, Jan. 18 - Somewhere on a military airfield north of Beijing, China's presidential aircraft, a new Boeing 767-300ER with all the trimmings, sits unused with parts of its innards torn out. Last October, days before its planned maiden voyage, Chinese military communications experts discovered numerous high-tech listening devices planted inside the plane, according to Chinese and Western sources, who said they had been told of this by Chinese military officers and aviation officials. The plane was grounded and has not been flown since it was delivered. Chinese aviation officials and military officers have charged that U.S. intelligence agencies planted the bugs aboard the plane while it was being refitted in the United States, the sources said. The U.S. Embassy declined to comment on the allegations. Analysts said the devices were highly sophisticated. A CIA spokesman, Bill Harlow, declined to comment on the report, saying, "We never comment on allegations like these, as a matter of policy." The story behind the immobile Boeing jet offers a tantalizing glimpse of modern spycraft. A Chinese source, with close ties to China's military intelligence services, said members of the Third Department of the General Staff Department of the People's Liberation Army discovered the devices. The Third Department deals in signals intelligence. The Chinese source said that, to date, 27 listening devices had been found, including devices in the presidential bathroom and in the headboard of the presidential bed. A Western executive and a Western diplomat said they had been told by Chinese aviation sources that the devices were highly sophisticated. The diplomat said they "had to be triggered by a satellite communication. In that sense, they were very advanced." U.S. sources have said the controversy over the plane is emerging as an issue in the summit meeting between President Bush and President Jiang Zemin scheduled for Feb. 21 in Beijing. Chinese analysts said the incident confirms their fears that the United States is an untrustworthy partner and continues to treat China as an enemy. After the listening devices were discovered, Western sources said, 20 Chinese air force officers and two officials from China Air Supply Import & Export Corp., which was involved in negotiations for the jet, were detained. Chinese sources said they were being investigated for negligence and for corruption – the American firms were paid about $10 million for the refitting job but China doled out $30 million. In addition, a senior air force officer is under a form of house arrest for his role in the affair. The officer has previously purchased planes for government officials through the auspices of China United Airlines, owned by the Chinese air force, which also had a piece of the transaction in question. A top officer of the Bodyguards Bureau of the General Staff Department of the People's Liberation Army, has also been criticized for tolerating the lax security, the sources said. The China Air Supply Import & Export Corp. and China United Airlines declined to comment on the situation. It is unclear how the episode could affect Boeing, which in September signed a $2 billion deal to sell planes to China. More broadly, Western diplomats said they believed Washington and Beijing would weather the dispute. "This kind of thing is to be expected," said a Chinese security expert, who noted that relations between Washington and Moscow were not seriously disrupted by disclosures in the 1980s that the Soviets had bugged the new U.S. Embassy. The expert added, "Even if our relations were excellent, we would still spy on each other." China purchased the Boeing 767-300ER in June 2000 for $120 million, a Chinese source said. An executive at Delta Airlines said the Chinese were so eager to obtain a top-of-the-line 767 that Delta allowed China to assume its contractual responsibilities for one plane about to come off Boeing's assembly line in Seattle. China's state-run media, which dubbed the plane Air Force One, reported the sale in August of that year. Several reports, including one that appeared in the Guangzhou Daily, a mass circulation newspaper in that southern metropolis, said the plane had already been brought to China for refitting. In fact, the plane had been sent to the San Antonio International Airport for refitting by several aircraft maintenance firms, including Dee Howard Aircraft Maintenance Lp, Gore Design Completions Ltd., Rockwell Collins Inc. and Avitra Aviation Services Ltd., a Singapore firm, according to companies that worked on the contract. The job was worth less than $10 million, an industry source said, and work continued during a very tense period in U.S.-Chinese relations following the April 1, 2001, collision between a U.S. reconnaissance aircraft and a Chinese jet off the coast of southern China. In a report about the refitting work published last September, the San Antonio Express-News quoted Earl Parker, a project manager for Avitra, as saying the plane was not a "plain Jane, like [U.S.] Air Force One." Parker told the newspaper the plane was refitted to accommodate about 100 people in beige leather chairs that could be converted into beds. Larger, one-hour oxygen canisters replaced the 20-minute type used on most aircraft. And the new presidential suite consisted of a bedroom, sitting room and a bath with a shower. The firms also added a 48-inch television set, satellite communications and advanced avionics. Chinese security guards provided round-the-clock security for the plane while it was being refitted, the newspaper said. How the listening devices got on board the plane is a mystery. Phil O'Connor, a vice president at Dee Howard Aircraft Maintenance of San Antonio, said today was the first time he he had heard of the allegations. Robert Sanchez, chief operations officer at Gore Design Completions, also of San Antonio, said he did not believe the allegations. "We had an excellent relationship with every Chinese official who worked on this project," he said. "We're not in the business of doing things like this." A Rockwell Collins spokeswoman said the company would have no comment. Work was completed on the plane in August and it was flown to China on Aug. 10, stopping in Honolulu. A group of American workers and their families accompanied the plane as guests of the Chinese government, Sanchez said. "The Chinese were very happy with the aircraft and with the work we did. They took the workers to the Great Wall and showed them around," said Sanchez. "Why would any of these corporations or workers consider that, if they knew anything about this?" Western diplomats and executives learned of the case in mid-October when Chinese officials they normally did business with did not appear for meetings. Chinese friends and colleagues informed them that the officials had been arrested, they said. The arrests occurred in China about the time that Jiang was supposed to take his maiden voyage in the jet to attend the summit of the Asia-Pacific Economic Cooperation forum in Shanghai. Jiang flew to the meeting on another airplane. Sanchez said Chinese government officials have not contacted his firm about the problems. He also said that Chinese aviation officials said they wanted Gore to work on three additional VIP aircraft. "We're technical, not political," Sanchez said. "This incident is not going to hurt the U.S. government; it's not going to hurt the government of China. It's only going to hurt the firms. " For years, China has worried that Western governments, using Western companies, would use high-tech products to compromise China's security. China spent millions of dollars protecting the new headquarters of the Foreign Affairs Ministry from listening devices that could potentially be mounted in office buildings nearby, a Chinese security source said. Last year, the People's Daily, the official Communist Party newspaper, carried an editorial in which it SAID the import of high-tech products from the West constituted a security risk because Western governments would place secret codes or technical Trojan horses inside the products to collect intelligence. Staff writer Thomas E. Ricks in Washington contributed to this report. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* 4572 From: Richard Superman Date: Sat Jan 19, 2002 2:25am Subject: China says president's jet bugged http://money.iwon.com/jsp/nw/nwdt_rt.jsp?cat=USMARKET&src=201&feed=reu§ion=news&news_id=reu-l19285278&date=20020118&alias=/alias/money/cm/nw China says president's jet bugged-Financial Times Friday January 18, 8:39 PM EST LONDON, Jan 19 (Reuters) - China has said its intelligence officers found more than 20 spying devices in a Boeing 767 meant to become President Jiang Zemin's official plane after it was delivered from the U.S., the Financial Times said on Saturday. Citing Chinese officials, the newspaper said it was unclear when the aircraft was fitted with the bugs, said to be tiny and operated by satellite. The devices were detected after the plane emitted a strange static whine during test flights in China in September, shortly after it was delivered. One device was found in a lavatory and another in the headboard of the presidential bed. The discovery came ahead of a planned summit between U.S. President George W. Bush and Jiang in Beijing next month. The Chinese president was said to be furious about the find, the FT said. The aircraft was made at the Boeing factory in Seattle and then fitted with VIP equipment and upholstery by another company. The plane was under surveillance by Chinese officials throughout, the newspaper said. A Boeing spokesman declined to comment on the report. Chinese officials said the security forces had launched an investigation into possible negligence and some 20 air force officers had been held for questioning, the FT said. The U.S. and China clashed over espionage issues in April last year when a Chinese fighter jet and U.S. spy plane collided over the South China Sea, resulting in the death of the Chinese pilot and the grounding of the U.S. plane in China. ©2001 Reuters Limited. -- Sent through GMX FreeMail - http://www.gmx.net 4573 From: Shawn Hughes Date: Sat Jan 19, 2002 0:07pm Subject: Re: US Videdo Surveillance Andy, Naah. We (I) have videotaped people all the time without their knowledge or consent, State and Federal. There are several rules concerning it, but the safest one is to have a cooperating witness in the room (or frame). Think about it like this; basically, if you were required to garner the ok of any future felon before you could conduct visual and audio intercept ops, you'd just about never be doing them. Oh, and the rules are a lot less stringent when they are in a public setting. Shawn 4574 From: James M. Atkinson Date: Sat Jan 19, 2002 6:47pm Subject: Appeal - United States Telecom Association v. Federal Bureau of Investigation, et al. United States Court of Appeals FOR THE DISTRICT OF COLUMBIA CIRCUIT Argued October 12, 2001 Decided January 18, 2002 No. 00-5386 United States Telecom Association, Appellant v. Federal Bureau of Investigation, et al., Appellees Appeal from the United States District Court for the District of Columbia (No. 98cv02010) A. Stephen Hut Jr. argued the cause for appellant. With him on the briefs were John H. Harwood II, Samir C. Jain, Lawrence E. Sarjeant, Linda L. Kent and John W. Hunter. Anne Murphy, Attorney, U.S. Department of Justice, ar- gued the cause for appellees. With her on the brief were Kenneth L. Wainstein, U.S. Attorney, and Douglas N. Letter, Counsel, U.S. Department of Justice. Daniel L. Kaplan, Counsel, entered an appearance. Before: Ginsburg, Chief Judge, Henderson, Circuit Judge, and Williams, Senior Circuit Judge. Opinion for the Court filed by Senior Circuit Judge Williams. Williams, Senior Circuit Judge: Electronic eavesdropping has historically proceeded on a basis of cooperation between law enforcement authorities and telephone service providers. In 1970 Congress regularized the relationship somewhat by providing that a court order for electronic surveillance should, at the request of the officer applying for authority, direct the provider to furnish the applicant with the necessary "informa- tion, facilities and technical assistance." Act of July 29, 1970, Pub. L. No. 91-358, tit. II, s 211(b), 84 Stat. 654 (1970), codified at 18 U.S.C. § 2518(4). Because of rapid technologi- cal development since then, Congress in 1994 added further structure with the Communications Assistance for Law En- forcement Act ("CALEA" or the "Act"), 47 U.S.C. § 1001 et seq. (1994). (Each of the statute's sections has a number 899 lower than that of its codified equivalent in Title 47; for simplicity's sake we use only the latter.) The Act has re- quirements relating to both the "capability" of telephone service providers to intercept communications and their "ca- pacity" to do so. In United States Telecom Ass'n v. FCC, 227 F.3d 450 (D.C. Cir. 2000), we addressed "capability"; here we deal only with "capacity." In very simplified form, CALEA sets up the following regime as to capacity, involving three key phases: (1) The Attorney General issues "notices" of what capacity is needed. The Attorney General in fact has delegated his duties to the FBI, and we henceforth refer to it exclusively. (2) Each carrier responds with a "statement" of the modifications any of its systems or services will need to provide the required capacity. (3) A carrier is deemed in compliance with the FBI's capacity notices, without having made the specified modifications, until the FBI agrees to reimburse the carrier for those modifications. We spell out the scheme in more detail below. In 1998 the FBI issued a set of rules implementing the Act's capacity requirements. See Implementation of Section 104 [47 U.S.C. § 1003] of CALEA, 63 Fed. Reg. 12218 (March 12, 1998) ("Final Notice"). United States Telecom Associa- tion ("USTA"), a trade association of about 1400 telephone companies, sought relief in district court against various provisions of the rules. First, it argued that the FBI had erroneously defined the class of "modifications" for which carriers might be eligible for reimbursement. Second, it said that the FBI's concept of the required "notices" misread the statute in a variety of ways, each increasing the carriers' burdens and their risks of being found noncompliant. In an unpublished opinion the district court granted summary judg- ment in favor of the FBI on all issues. Reviewing the grant of summary judgment de novo, see, e.g., Shields v. Eli Lilly & Co., 895 F.2d 1463, 1466 (D.C. Cir. 1990), we affirm the district court with respect to the reim- bursement scheme, finding that the FBI correctly defined the "modifications" required to be reimbursed. On the other hand, finding error on the part of the FBI on each of the disputes about its notices, we reverse on those issues, with instructions to the district court to remand the case, in one instance vacating the challenged feature of the rules, in the others not. * * * CALEA requires the FBI to issue a notice of both the "actual number" of interceptions and devices that it expects will be conducted and used "simultaneously" by October 25, 1998, § 1003(a)(1)(A), and the "maximum capacity" required to accommodate the surveillance that enforcement agencies "may conduct and simultaneously use" after that date, s 1003(a)(1)(B). Subject to a qualification relating to reim- bursement of necessary modifications, service providers are required within three years after notice to have the capacity specified in § 1003(a)(1)(A) and the ability "expeditiously" to expand to the "maximum capacity" specified in s 1003(a)(1)(B). See §§ 1003(b)(1), 1003(e). The FBI notice under § 1003(a)(1)(A) is to state the actual number of communication interceptions, pen registers, and trap and trace devices, representing a portion of the maximum capacity set forth under sub- paragraph (B), that the [FBI] estimates that [law en- forcement authorities] may conduct and use simulta- neously. 47 U.S.C. § 1003(a)(1)(A) (emphasis added). Pen registers are devices that record the telephone numbers dialed by the surveillance's subject; trap and trace devices record the telephone numbers of the subject's incoming calls. Each of the carriers is required to respond to the notice of capacity requirements with a "statement" of "systems or services that do not have the [necessary] capacity." s 1003(d). The FBI reviews these statements and "may" agree to reimburse the carrier "for costs associated directly with modifications to attain" the capacity requirements. s 1003(e). Until the FBI agrees to reimburse the necessary modifications specified by a carrier, the carrier is considered in compliance. Id. We address first the cost allocation issue, then the charac- ter of the notices to be issued by the FBI. * * * Cost Allocation. We start with the key statutory provi- sions. Section 1003(d) sets out the duty of the carrier to submit a statement responding to the FBI's notice, and s 1003(e) states the relationship between a carrier's compli- ance and the FBI's decision on what to reimburse: § 1003(d) Carrier statement Within 180 days after the publication by the [FBI] of a notice of capacity requirements pursuant to subsection (a) or (c) of this section, a telecommunications carrier shall submit to the [FBI] a statement identifying any of its systems or services that do not have the capacity to accom- modate simultaneously the number of interceptions, pen registers, and trap and trace devices set forth in the notice under such subsection. § 1003(e) Reimbursement required for compliance The [FBI] shall review the statements submitted under subsection (d) of this section and may, subject to the availability of appropriations, agree to reimburse a telecom- munications carrier for costs directly associated with modi- fications to attain such capacity requirement that are deter- mined to be reasonable in accordance with section 1008(e) of this title. Until the [FBI] agrees to reimburse such carrier for such modification, such carrier shall be consid- ered to be in compliance with the capacity notices under subsection (a) or (c) of this section. 47 U.S.C. §§ 1003(d), (e). The Final Notice provided for eligibility for reimbursement as follows: Capacity costs associated with any equipment, facilities or services deployed after the Carrier Statement period of 180 days following the effective date of this Final Notice of Capacity will not be eligible for reimbursement. Final Notice, 63 Fed. Reg. at 12220-21. But the language is concededly different from the thought the FBI intended to convey. In fact, government counsel assured us at oral argument (with the full assent of USTA's counsel), that this sentence should really be read as if it also contained the material added in boldface: Capacity costs associated with any equipment, facilities or services deployed after the Carrier Statement period of 180 days following the effective date of this Final Notice of Capacity will not be eligible for reimbursement, except costs for modifications the FBI has agreed to compensate under § 1003(e). Thus, expenses incurred to add equipment--other than for modifications that the carrier specified in its "statement" and that the FBI in its discretion agreed to reimburse--are not reimbursable. USTA objects that under the FBI's reading of § 1003(e), a carrier will have to pay for all capacity it adds in the future (except for the reimbursed "modifications"), even though the government will be able to help itself to part of the added capacity. As was developed at oral argument, this skews a carrier's incentives: rather than invest in capacity additions sized to accommodate not only its customers' prospective demand but also the government's future wishes, it will elect smaller expansions, anticipating that after the next FBI notice and carrier statement its equipment will require "modi- fication" and thus government reimbursement. USTA fur- ther argues that we should not defer to the FBI's reading of the Act under Chevron U.S.A. Inc. v. Natural Resources Defense Council, 467 U.S. 837 (1984), because the government has a sharp pecuniary interest in the outcome: under USTA's reading of the statute, the government would have to pay for its share of all new capacity that it uses. Of course the issue of Chevron deference arises only if the statute doesn't plainly settle the issue. Chevron, 467 U.S. at 842-43 (holding that if "Congress has directly spoken to the precise question at issue," the court "must give effect to the unambiguously expressed intent of Congress."). Here we find that the Act does so, and therefore need not resolve USTA's pecuniary-interest theory. The only costs for which the Act provides any compensa- tion are for "modifications" under § 1003(e). These "modifi- cations" are necessarily to "systems or services" identified by the carrier in its § 1003(d) statement as "not hav[ing] the capacity" to accommodate the needs set out in an FBI notice under § 1003(a)(1). And those "systems and services" are necessarily systems and services extant at the time the carrier files its statement. In other words, eligibility for reimbursement extends only to modifications as needed to mend deficiencies set out in the carrier's § 1003(d) statement. USTA claims to find support in the passage of § 1003(e) that states: "Until the [FBI] agrees to reimburse [a] carrier for [reasonable] modifications, such carrier shall be consid- ered in compliance with the capacity notices." 47 U.S.C. s 1003(e). But the carrier's being "in compliance" appears to refer only to the modifications identified in the § 1003(d) statement, and says nothing with respect to the government's uncompensated use of capacity that a provider may add, on its own, after submitting its § 1003(d) statement. USTA also points to CALEA's enforcement provision, pro- hibiting a court from issuing any enforcement orders that "require a telecommunications carrier to meet the Govern- ment's demand for interception ... to any extent in excess of the capacity for which the [FBI] has agreed to reimburse such [a] carrier." 47 U.S.C. § 1007(c)(1). But USTA's literal reading of this section is plainly unsound; even USTA does not think the section governs available capacity antedating the FBI's very first § 1003(a)(1) notice. The FBI's reading of the section is that it reinforces the "safe harbor" provided by § 1003(e)'s assurance to a carrier that it will not be out of compliance if law enforcement authorities demand capacity that the carrier's § 1003(d) statement has said was needed (until the FBI funds the additional capacity). As appellant's construction of § 1007(c)(1) is impossible on a literal basis and would require us to twist the meaning of § 1003(e) itself, we find it unconvincing. USTA's remaining textual analysis contrasts the Act's lan- guage on capacity with its language on capability, which explicitly provides for compensation for modifications of equipment deployed before January 1, 1995 to accommodate law enforcement, § 1008(d), and none for equipment deployed thereafter. We fail to see how the distinction helps USTA. The capability provisions plainly differ substantially from those for capacity, but the contrast sheds no light on the proper interpretation of §§ 1003(d) & (e). Finally, USTA makes reference to some legislative history it believes is supportive of its position. See Appellant's Br. at 20-21 (citing H.R. Rep No. 103-827, pt. 1, at 17, 20 (1994)). "But we do not resort to legislative history to cloud a statutory text that is clear." Ratzlaf v. United States, 510 U.S. 135, 147-48 (1994). See also Burlington Northern R.R. Co. v. Oklahoma Tax Comm'n, 481 U.S. 454, 461 (1987); In re Sinclair, 870 F.2d 1340, 1342-43 (7th Cir. 1989) (suggest- ing that legislative history should only be used to elucidate the meaning of the statutory text). Of course, legislative history may "shed new light on congressional intent, notwith- standing statutory language that appears superficially clear." Natural Resources Defense Council, Inc. v. Browner, 57 F.3d 1122, 1127 (D.C. Cir. 1995) (internal quotation marks and citation omitted). But in fact the force of appellant's claim turns on its selective quotation. The House Committee Re- port said: After the four year transition period, which may be extended an additional two years by order of the FCC, industry will bear the cost of ensuring that new equipment and services meet the legislated requirements, as defined by standards and specifications promulgated by the indus- try itself. However, to the extent that industry must install addi- tional capacity to meet law enforcement needs, the bill requires the government to pay all capacity costs from date of enactment, including all capacity costs incurred after the four year transition period.... H.R. Rep No. 103-827, pt. 1, at 16-17 (emphasis added). Appellant ignores the first sentence and quotes the second. In fact, properly read even the second sentence does not help appellant, for it describes the statute simply as calling on the government to pay for "additional capacity" that "industry must install ... to meet law enforcement needs." Just so. Government must pay for "modifications" that it agrees to reimburse as specified in § 1003(e), but otherwise helps itself to capacity that is available. Accordingly, we affirm the district court's grant of sum- mary judgment for the government on USTA's cost recovery claim. * * * The remaining issues relate to provisions dealing with how the FBI "notices" are to specify capacity requirements. Again USTA argues that the FBI should not enjoy Chevron deference because of its pecuniary interest. Again we need not address the pecuniary-interest issue, though for a differ- ent reason from the one previously given. Even Chevron deference requires that the agency position be reasonable, Chevron, 467 U.S. at 843, and on none of the following issues is that standard met. "Expeditiously." Recall that the Act distinguishes be- tween the "actual numbers" of interceptions and equipment the FBI expects to be conducted and used simultaneously by October 25, 1998, § 1003(a)(1)(A), and the "maximum capaci- ty" required to accommodate surveillance thereafter, s 1003(a)(1)(B). Section 1003(b) gives this distinction opera- tional significance. Section 1003(b)(1) requires carriers by a specified date to have the capacity [subject to § 1003(e)] to accommodate the § 1003(a)(1)(A) demands and the ability to "expand[ ]" to the subsection (B) "maximum capacity"; and s 1003(b)(2) requires each carrier to "ensure that it can accommodate expeditiously" an increase in demand up to the "maximum capacity." The Final Notice implements these provisions by reading "expeditiously" to allow only five business days. Final No- tice, 63 Fed. Reg. at 12219/1. The only rationale offered to support the five-day period is transparently off point. The FBI said the decision was "based on past practice as to the time typically involved under existing procedures used by law enforcement and telecommunications carriers to make techni- cal interception arrangements." Id. This statement about "past practice" relates only to provisioning individual wiretaps upon request--a task quite different from that of increasing total wiretapping capacity. Worse, unrebutted evidence in the record suggests that it would be impossible for carriers to install additional capacity in such a short time period. Unsurprisingly, ordering new hardware, securing its delivery, and then installing and test- ing it takes more than five days. See id. at 12235/1 (noting that seven commenters, including the trade association repre- senting telecommunications equipment manufacturers, have described this time frame as unrealistic). In effect, then, the FBI's interpretation of "expeditiously" de facto erases the statutory distinction between actual and maximum capacity, even though the statute plainly intends such a distinction and even specifies that "actual" capacity should be "a portion of the maximum capacity set forth under subparagraph (B)." § 1003(a)(1)(A). We therefore find un- reasonable and vacate this aspect of the Final Notice. See RCA Global Communications, Inc. v. FCC, 758 F.2d 722, 733 (D.C. Cir. 1985) (rejecting agency's reading of a statute that "would deprive [the statutory provision] of all substantive effect"). "Capacity"/"Number of," and "Simultaneously." Recall that § 1003(a)(1)(A) requires the FBI to give notice of the actual number of communication interceptions, pen registers, and trap and trace devices, representing a portion of the maximum capacity set forth under subpar- agraph (B), that the [FBI] estimates that [law enforce- ment authorities] may conduct and use simultaneously. 47 U.S.C. § 1003(a)(1)(A) (emphasis added). Subsection (B) similarly requires notice of the "maximum capacity" required to accommodate such interceptions, etc., again "simultaneous- ly." The Final Notice insisted that these statements of "actual number" and "capacity" were properly in terms that drew no distinction between different types of interceptions (e.g., communications content versus mere pen registers), even though they differ heavily in their actual demands on capacity. Final Notice, 63 Fed. Reg. at 12235. And it treated interceptions as "simultaneous" if they occur on the same day, even though they may each only take moments and do not overlap in the least. Id. at 12225. USTA objects to both these decisions. And rightly so. As to "capacity," the FBI acknowledged that different interceptions impose different demands on capacity; content interceptions might require up to five delivery channels be- cause of multiple participants on a call, while others, such as pen registers and trap and trace devices, typically use only a single channel. See id. at 12218, 12232-33. By way of justification it said that the only historical data it had access to did not directly reveal the information the carriers were after: the available average national ratio of content intercep- tions to pen registers and trap and trace devices was not "in any way representative of any specific geographic region." Id. at 12235. It also said that, in any event, "law enforcement ... does not know the type(s) of surveillance that will be needed in the future." Id. at 12236. As to simultaneity, the FBI insisted that its choice "was logical from a law enforcement perspective" because court orders approving wiretapping activities are phrased in terms of days, and as a result such data was all that was available. Id. at 12225/3, 12235/2. The FBI's justifications of both decisions--ultimately claims of defects in existing data--render them unreasonable. See Fresno Mobile Radio, Inc. v. FCC, 165 F.3d 965, 969-70 (D.C. Cir. 1999). Such complete throwing up of hands is inconsistent with the Bureau's extensive use of statistical projections elsewhere in implementing CALEA. In fact, all the interception numbers that the FBI gave are estimates. For instance, to determine the actual and maximum capacity requirements themselves, the FBI undertook to establish a historic baseline, and then used statistical techniques to ex- trapolate the baseline into the future. Id. at 12224-25; see also id. at 12226/3 (stating that in determining "growth factors," which require prediction of future capacity require- ments, "statistical and analytical methods were applied to the historical interception information"). As to these portions of the Final Notice, we reverse the judgment of the district court, with instructions to remand the case to the agency for a more adequate explanation. Because it is not so clear as in the case of the Bureau's interpretation of "expeditiously" that there are no defensible grounds for its conclusions, however, the district court should not vacate the FBI's resolutions of the "number of/capacity" and "simultaneously" issues. Compare Allied-Signal, Inc. v. U.S. Nuclear Regulatory Comm., 988 F.2d 146, 150-51 (D.C. Cir. 1993) ("The decision whether to vacate depends on the 'seriousness of the order's deficiencies (and thus the extent of doubt whether the agency chose correctly) and the disruptive consequences of an interim change that may itself be changed.' "). * * * The judgment of the district court is affirmed and reversed as set forth above. So ordered. -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4575 From: Hawkspirit Date: Sun Jan 20, 2002 10:01am Subject: Help on R.F. signal identification I'd like some help from the group in identifying an unknown R.F. signal. This signal was received while doing a sweep in the northern part of Los Angeles. The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is some kind of pulsed microwave signal. The timing of the signal is as follows. The signal first bursts five separate simultaneous pulses. The wave form looks as if you hold your hand up in front of your face fingers pointed toward the ceiling. Each finger would be a separate pulse. They range in amplitude as you fingers appear a (bell curve). This burst lasts about one half second and then the carrier is clear of signals. Next a single pulse appears at the high side of the carrier (2.468) and starts to sweep down frequency. When it reaches about the fifty percent point of the carrier bandwidth the five finger burst array appears again for about one half second. Then the single pulse reappears at the fifty percent point and continues to sweep down frequency until it arrives at the lower frequency of the carrier (2.402GHZ) and disappears and the five finger pulse bursts again for a half second. This completes the cycle. The full cycle timing is about 3 seconds. I monitored this signal for about four hours and I did not detect any pattern variation. Any help appreciated Roger Tolces www.bugsweeps.com 4576 From: James M. Atkinson Date: Sun Jan 20, 2002 11:13am Subject: Re: Help on R.F. signal identification Roger, What was the bandwidth of the signals, and did you examine the signals in the time domain? I would suspect an 802.11 WLAN connection, but of course it has to be assumed a hostile signal until proven otherwise. Where did you trace the signal to? Was it originating INSIDE your clients facility? What kind of antenna where you using? -jma At 8:01 AM -0800 1/20/02, Hawkspirit wrote: >I'd like some help from the group in identifying an unknown R.F. signal. >This signal was received while doing a sweep in the northern part of Los >Angeles. >The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is >some kind of pulsed microwave signal. The timing of the signal is as follows. > The signal first bursts five separate simultaneous pulses. The wave form >looks as if you hold your hand up in front of your face fingers pointed >toward the ceiling. Each finger would be a separate pulse. They range in >amplitude as you fingers appear a (bell curve). This burst lasts about one >half second and then the carrier is clear of signals. Next a single pulse >appears at the high side of the carrier (2.468) and starts to sweep down >frequency. When it reaches about the fifty percent point of the carrier >bandwidth the five finger burst array appears again for about one half >second. Then the single pulse reappears at the fifty percent point and >continues to sweep down frequency until it arrives at the lower frequency >of the carrier (2.402GHZ) and disappears and the five finger pulse bursts >again for a half second. This completes the cycle. The full cycle timing is >about 3 seconds. I monitored this signal for about four hours and I did not >detect any pattern variation. Any help appreciated > >Roger Tolces >www.bugsweeps.com -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4577 From: Matthew Paulsen Date: Sun Jan 20, 2002 1:11pm Subject: RE: Help on R.F. signal identification This could be a frequency hopping Bluetooth air interface for a basestation. Spectrum spread in the US is from 2.402 to 2.480. -----Original Message----- From: Hawkspirit [mailto:hawkspirit@e...] Sent: Sunday, January 20, 2002 8:01 AM To: TSCM-L@yahoogroups.com; bratkid@e... Subject: [TSCM-L] Help on R.F. signal identification I'd like some help from the group in identifying an unknown R.F. signal. This signal was received while doing a sweep in the northern part of Los Angeles. The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is some kind of pulsed microwave signal. The timing of the signal is as follows. The signal first bursts five separate simultaneous pulses. The wave form looks as if you hold your hand up in front of your face fingers pointed toward the ceiling. Each finger would be a separate pulse. They range in amplitude as you fingers appear a (bell curve). This burst lasts about one half second and then the carrier is clear of signals. Next a single pulse appears at the high side of the carrier (2.468) and starts to sweep down frequency. When it reaches about the fifty percent point of the carrier bandwidth the five finger burst array appears again for about one half second. Then the single pulse reappears at the fifty percent point and continues to sweep down frequency until it arrives at the lower frequency of the carrier (2.402GHZ) and disappears and the five finger pulse bursts again for a half second. This completes the cycle. The full cycle timing is about 3 seconds. I monitored this signal for about four hours and I did not detect any pattern variation. Any help appreciated Roger Tolces www.bugsweeps.com Yahoo! Groups Sponsor ADVERTISEMENT ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] 4578 From: ki4je Date: Sun Jan 20, 2002 10:08am Subject: Re: Help on R.F. signal identification Could it be someones wireless LAN operating on the 802.1b standard? ----- Original Message ----- From: Hawkspirit To: TSCM-L@yahoogroups.com ; bratkid@e... Sent: Sunday, January 20, 2002 11:01 AM Subject: [TSCM-L] Help on R.F. signal identification I'd like some help from the group in identifying an unknown R.F. signal. This signal was received while doing a sweep in the northern part of Los Angeles. The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is some kind of pulsed microwave signal. The timing of the signal is as follows. [Non-text portions of this message have been removed] 4579 From: MaxS Date: Sun Jan 20, 2002 10:45am Subject: Spying in China Dears: Who knows what about spying equipments in BOEING 767 for Chinese president ? I am not asking WHY but HOW. Martin KOCIAN PS I will ask WHY later. 4580 From: Michael Puchol Date: Sun Jan 20, 2002 5:51pm Subject: Re: Help on R.F. signal identification Hi Roger, Without looking at the spectrum itself, and considering you are right in one of the ISM bands, you may be looking at 802.11b WLAN. It occupies about 1MHz per channel, uses direct sequence spread-spectrum, and can change such 'channel' as needed - maybe explaining the jumps you see. Depending on your SA settings, the waveform would look as you point out. Have you tried running with peak hold on? You will see the whole spectrum used 'filling up'. Cheers, Mike > ----- Original Message ----- > From: "Hawkspirit" > To: ; > Sent: Sunday, January 20, 2002 5:01 PM > Subject: [TSCM-L] Help on R.F. signal identification > > > > I'd like some help from the group in identifying an unknown R.F. signal. > > This signal was received while doing a sweep in the northern part of Los > > Angeles. > > The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is > > some kind of pulsed microwave signal. The timing of the signal is as > follows. 4581 From: MIKE F Date: Sun Jan 20, 2002 5:56pm Subject: RE: Spying in China It is reporrted that 767 sent here to US for updating & repairs thats how the equipment was put on plane. later4,mike f. -----Original Message----- From: MaxS [mailto:maxs@m...] Sent: Sunday, January 20, 2002 11:45 AM To: TSCM-L@yahoogroups.com Subject: [TSCM-L] Spying in China Dears: Who knows what about spying equipments in BOEING 767 for Chinese president ? I am not asking WHY but HOW. Martin KOCIAN PS I will ask WHY later. ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.314 / Virus Database: 175 - Release Date: 1/11/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.314 / Virus Database: 175 - Release Date: 1/11/2002 4582 From: tek492p Date: Sun Jan 20, 2002 7:31pm Subject: Re: Steve's column name Steve -- Use your name in your column title. Like "Steve's xxxxxxxxxxx". Hey, why not promote your business? When readers think of Steve Uhrig, they will also think of SWS Security. Jack 4583 From: James M. Atkinson Date: Sun Jan 20, 2002 4:27pm Subject: Re: Spying in China At 5:45 PM +0100 1/20/02, MaxS wrote: > Dears: > > Who knows what about spying equipments in > BOEING 767 for Chinese president ? > > I am not asking WHY but HOW. > > Martin KOCIAN > > PS > I will ask WHY later. Simple, The Chinese intelligence service installed the devices to spy on their own president, but the presidential protective detail turned them up by accident... oops. Heaven forbid, that the US would actually bug the plane; I mean really, the work was done by a highly respected US defense contractor, guarded 7/24, and maintained in a super secure location, etc, etc, etc... Who ever installed the little toys had sloppy tradecraft, Tit-for-tat, Bwahhh, ha-ha-ha, -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4584 From: Matthew Paulsen Date: Sun Jan 20, 2002 10:08pm Subject: RE: Re: Steve's column name Steve.. How about "Uhrig's Vade Mecum"? [Non-text portions of this message have been removed] 4585 From: Wayne T Work Date: Sun Jan 20, 2002 6:17pm Subject: RE: Help on R.F. signal identification Sounds like one of the newer 2.4 gig Network receivers transmitters. They can be set to hop around to find open channels with in this range. They do a DSS on the sig strength and then settle on a freq. to use to establish the network communications. If WEP is enable then it to uses chanelized selection for an encrypted session. pretty common stuff. Also the newer video "snap shop" 2.4 gig cameras use similar technology. Got a scan capture of the info? NAI (network associates Inc) make a WAP/WEP sniffer. Might help with the analysis. -----Original Message----- From: Hawkspirit [mailto:hawkspirit@e...] Sent: Sunday, January 20, 2002 11:01 AM To: TSCM-L@yahoogroups.com; bratkid@e... Subject: [TSCM-L] Help on R.F. signal identification I'd like some help from the group in identifying an unknown R.F. signal. This signal was received while doing a sweep in the northern part of Los Angeles. The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is some kind of pulsed microwave signal. The timing of the signal is as follows. The signal first bursts five separate simultaneous pulses. The wave form looks as if you hold your hand up in front of your face fingers pointed toward the ceiling. Each finger would be a separate pulse. They range in amplitude as you fingers appear a (bell curve). This burst lasts about one half second and then the carrier is clear of signals. Next a single pulse appears at the high side of the carrier (2.468) and starts to sweep down frequency. When it reaches about the fifty percent point of the carrier bandwidth the five finger burst array appears again for about one half second. Then the single pulse reappears at the fifty percent point and continues to sweep down frequency until it arrives at the lower frequency of the carrier (2.402GHZ) and disappears and the five finger pulse bursts again for a half second. This completes the cycle. The full cycle timing is about 3 seconds. I monitored this signal for about four hours and I did not detect any pattern variation. Any help appreciated Roger Tolces www.bugsweeps.com ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4586 From: James M. Atkinson Date: Mon Jan 21, 2002 8:23am Subject: China silent over spy devices found on its presidential plane http://straitstimes.asia1.com.sg/asia/story/0,1870,97989,00.html? China silent over spy devices found on its presidential plane Beijing wants to downplay the incident, say analysts, despite 27 bugs reportedly being discovered on the US-made aircraft BEIJING - China yesterday remained silent about reports that a refitted Boeing 767 intended for Chinese President Jiang Zemin was bugged, as Vice-President Hu Jintao told a delegation of former United States ambassadors and academics that Beijing wants good ties with Washington. This Boeing 767 being refitted for President Jiang in the US was reportedly bugged. -- AP A Chinese Foreign Ministry official said the ministry did not have a response to the reports by the Financial Times and the Washington Post this weekend that Chinese intelligence officers had found 27 spying devices hidden in a US-built Boeing 767 intended to become Mr Jiang's official plane. 'We're still trying to contact relevant departments on this matter,' she said. The story was not carried by any local media. Analysts said yesterday they saw the lack of response by Beijing so far as a sign that the Chinese leadership wanted to downplay the incident. 'The Chinese government has been cautious in handling this problem. It has issued no official protest, no criticism,' said Mr Zhu Feng, director of the international securities programme of the Beijing University School of International Studies. 'I think it is taking into consideration the development in China-US relations.' Meeting the former US ambassadors and professors from Harvard University on Saturday, Mr Hu said Sino-US relations 'now have opportunities for further development'. He said that bilateral relations 'have been developing constantly despite ups and downs' since China and the US re-established ties 30 years ago, and he said he wanted to push forward bilateral relations through further 'exchanges, understanding and cooperation'. Meanwhile, US Secretary of State Colin Powell said yesterday that Chinese officials had never raised with him the reported bugging of the jet. 'In all the conversations I've had with the Chinese authorities over the last several months, this has never been raised,' he said in an interview with ABC television. As well, Mr Powell, who refused to confirm or deny the reports, said he did not believe the alleged incident would affect President George W. Bush's visit to China next month. 'I don't expect anything to derail that trip,' he said in a separate interview with the Fox News Channel. --AFP, Xinhua -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4587 From: James M. Atkinson Date: Mon Jan 21, 2002 8:22am Subject: China never mentioned bugging of Jiang plane: Powell http://straitstimes.asia1.com.sg/breakingnews/story/0,1895,97908,00.html? China never mentioned bugging of Jiang plane: Powell TOKYO -- US Secretary of State Colin Powell said on Sunday that Chinese officials had never raised with him the reported bugging of an American jet built for Chinese President Jiang Zemin. In addition, General Powell, who refused to confirm or deny the report, said he did not believe the alleged incident would affect President George W. Bush's upcoming visit to China. 'In all the conversations I've had with Chinese authorities over the last several months this has never been raised,' Gen Powell said in an interview with ABC television. In a separate interview with the Fox News Channel, he expanded on his remarks, but still declined to comment on the veracity of the report that appeared in the Washington Post and Financial Times on Saturday. 'I'm not aware of any contacts between us and the Chinese government concerning this so-called matter that we read about in the newspapers yesterday,' he said. Although he refused to comment on the reports themselves, Gen Powell said he did not expect the furore raised by them to interfere with the Bush trip to China that is scheduled for next month. 'I don't expect anything to derail that trip,' he told Fox. Asked a similar question in the ABC interview he replied: 'I don't see any reason to think so. 'We've received acceptance, of course, from the Chinese of the presidential visit and I know they're looking forward to it, they're quite excited about it and so are we,' he said. Both Washington and Beijing have refused to comment on the reports which said that Chinese intelligence officers had found 27 spying devices hidden in the US-built Boeing 767 jet intended to be Mr Jiang's official plane. China had known the jet was bugged since September -- a month after the aircraft was delivered, according to the reports. -- AFP -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4588 From: MIKE F Date: Mon Jan 21, 2002 9:54am Subject: WATCH-OUT!!!!!======>Multiple windows file wiping utilities do not properly wipe data with NTFS This Should interest some that use BC-Wipe & or other supposedly assured WIPE CLEAN software programs. later4,mike f ---------------------------------------------------------------------------- ------------------------------------------------ Kurt Seifried Security Advisory 003 (KSSA-003) http://www.seifried.org/security/advisories/kssa-003.html, kurt@s... Title: Multiple windows file wiping utilities do not properly wipe data with NTFS file systems. Issue date: Jan 21, 2002 Who should read this advisory: Anyone using file wiping utilities such as PGP Wipe (from NAI), BCWipe (from Jetico) or East-Tec Eraser (from East-Tec) on a Windows system with an NTFS file system, such as Windows NT, Windows 2000 or Windows XP especially with features such as thumbnail pictures in explorer. This advisory affects virtually every Windows file wiping utility, none of the tested programs were found to be problem free. Author and contact info: This advisory is copyright 2002, Kurt Seifried, kurt@s..., http://www.seifried.org/ Overview: In the NTFS file system a facility exists to bind additional data to a file or directory, called an alternate data stream [url1][url2]. These alternate data streams cannot be be removed, unless the parent file or directory is destroyed. Unfortunately most file wiping utilities only deal with the primary data stream and do not wipe the alternate data streams, thus leaving data intact. Affected software: It is important to note that every single software package tested failed to erase single or multiple data streams (Eraser 5.3 erased multiple data streams in, however missed alternate data streams when only one was present in a file). Based on this I find it unlikely that any other secure deletion programs implement alternate data stream wiping properly, all secure deletion programs for Windows should be treated as suspect until proven innocent. If you are using secure deletion software please check immediately for files with alternate data streams, and after deleting them you are strongly advised to wipe all free space. BCWipe version 1.x and 2.x from Jetico - Confirmed in testing and from vendor. http://www.bcwipe.com/ Eraser 5.3 - Confirmed in testing and from vendor. http://www.tolvanen.com/eraser/ SecureClean v3 build-2.0 - Confirmed in testing and from vendor. http://www.accessdata.com/main_deleted_data.htm East-Tec Eraser 2000 - Confirmed in testing. http://www.east-tec.com/eraser/index.htm PGP 6.x freeware and commercial, 7.x, freeware and commercial - Confirmed in testing. http://www.pgp.com/, http://www.pgpi.org/ Numerous other packages are suspected to be vulnerable, it is strongly advised to use the workarounds listed below. Impact: If data is stored in an alternate data stream attached to a file (such as the thumbnail of an image) or directory when this file or directory is wiped the information contained within the alternate data stream will be left intact on the harddrive. No warning is given to the user at all by Windows or the wiping programs. For example if you use windows file explorer (the default file browser in Windows) and have thumbnails of pictures enabled (the default setting) then the thumbnail of the thumbnail image, once created (i.e. once the directory is viewed in Explorer) will not be deleted until you delete the file and wipe all free space. Alternate data streams also provide an ideal location to keep attack tools, snippets of virus code and so forth for attackers and viruses, in fact some virus scanners do not scan alternate data streams unless specifically configured to do so (often labeled as "scan all files" or similar). The good news is that floppy disks and most other removable media are not formatted as NTFS, thus it is unlikely that copied files will contain the alternate data streams. As well no all compression programs, such as WinZip copy the alternate data streams, while others such as WinRAR do copy the alternate data streams. While it is unlikely that files with alternate data streams will have made it to other systems with their alternate data streams intact it is possible, and any systems that have had sensitive data copied or moved to them should immediately have their free space wiped in order to ensure alternate data streams containing sensitive information are still present. Details: Create a file with an alternate data stream: echo "this is a text file" > C:\file.txt echo "this is the alternate data stream lkajhkl2" > C:\file.txt:alternate-data-stream If you use forensics software to examine the harddrive you will find the string of text "this is the alternate data stream lkajhkl2" present on the drive. Now using the file wiper of your choice (BCWipe, etc.) choose the file C:\file.txt and wipe it. Use any many passes as you want. Now examine the drive for the string "this is the alternate data stream lkajhkl2". You should be able to find it. To do this using Linux simply create an image file of the drive and examine it using grep or strings: dd if=/dev/hdb1 of=windows-disk.img grep "this is the alternate data stream lkajhkl2" windows-disk.img or strings windows-disk.img > windows-disk.strings grep "this is the alternate data stream lkajhkl2" windows-disk.strings As you will quickly discover the data is easily found. Alternate data streams are only available on NTFS file systems, making home users with older systems (Windows95, Windows98, WindowsME) immune to this problem, but newer systems based on WindowsXP are capable of using NTFS, thus potentially exposing customers to risk. NTFS is also available on most corporate systems such as WindowsNT, Windows2000 and WindowsXP. Another "feature" of alternate data streams is that they cannot be deleted. If you have an alternate data stream attached to a file you cannot delete it, you can write other data to the stream, however you cannot reliably delete it. To overwrite an alternate data stream simply place more data into it, for example: echo "this will overwrite existing data in the stream" > C:\file.txt:alternate-data-stream or type notepad.exe > C:\file.txt:alternate-data-stream *** Solutions and workarounds: Several workarounds exist, and several vendors are in the process of updating software so as to fix the problem. The first workaround is to avoid using alternate data streams to store sensitive information. Unless you have explicitly created alternate data streams it is unlikely that they exist. However to check for alternate data streams several free tools exist, one of the best of which is LADS [url3] from Frank Hayne Software (heysoft.de). Simply download lads.zip and unpack it, then run it from your root drives (e.g. C:\, D:\) and it should find and report any and all alternate data streams present. Because alternate data streams cannot be deleted tools to detect them are quite effective, once found you should securely delete the files and proceed to the next workaround, wiping free space, in order to ensure the alternate data streams are deleted. The second workaround is to immediately use the "wipe free space" feature present in most secure file deletion utilities. Since the parent file or directory that the alternate data streams were attached to have been deleted the data in the alternate data streams is now in "free space" on the harddrive, thus using "wipe free space" will overwrite it. The downside of this workaround of course is that wiping all the free space on a hard disk can take quite some time, especially on a modern disk that may have several tends of gigabytes of free space to wipe. One note on this: wiping free space may not be possible or effective on network shares using NTFS, it is recommended to encrypt truly sensitive data on NTFS network file systems. A third workaround is to encrypt sensitive data, Windows 2000 offers encrypted file system, or you can use programs such as PGP's PGPDisk [url4] or Jetico's BestCrypt [url5]. It is recommended to use encrypted disk partitions rather then encrypting single files, encrypted disk partitions are much easier to work with, type in a password and you have access, when you are done you do not need to worry about encrypting the file, as the data is kept in an encrypted state on the hard drive. Additionally temporary files stored in the same directory (such as opened word files) will also be kept in an encrypted state, reducing the need for you to wipe free space. Several vendors have announced new versions in light of this, see below for more information: BCWipe 1.x and 2.x "We confirm importance of the problem of wiping alternate data stream in files, created on NTFS disks. We would thank Mr. Seifried for writing us about the problem and are going to solve it in the next version 3 of BCWipe, which is planned to be released at April, 2002." SecureClean "We will be covering all those issues in the next release. We plan to be shipping the product in February. The new release will be posted at www.accessdata.com. The current SecureClean does not handle alternate data streams or the thumbnails. That is coming in February." East-Tec Eraser 2000 "EAST Technologies has acknowledged the possible problem concerning the wiping of the alternate data streams that may appear on NTFS disk drives and it will analyze this problem in the security product that it develops and the way this may compromise the user's personal security and privacy. EAST Technologies will also inform all its users and customers and in case it would be necessary, it will develop a fix." Additional information: Check your anti-virus software, several packages do not scan alternate data streams by default, it is recommended you enable scanning of all files and confirm by placing the eicar.com [url6] in an alternate data stream of a file and scanning to test. Backup programs should also be checked, attach an alternate data stream to a file, delete and then restore it, check for the alternate data stream. You can remove an alternate data stream either by copying the parent file onto non NTFS media or backing it up with a program that does not save the alternate data stream, or by using the "rm" utility present in MKS Software's "MKS Toolkit 8.0". An op-ed piece on this problem will be appearing at SearchSecurity [url7] later this week. References: [url1] http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechn ol/winxppro/reskit/prkc_fil_xurt.asp - Multiple data streams [url2] http://support.microsoft.com/default.aspx?scid=kb;EN-US;q286797 - Windows File Protection and Alternative Data Streams (Q286797) [url3] http://www.heysoft.de/nt/ep-lads.htm - List alternate data streams. [url4] http://www.pgp.com/products/desktop-privacy.asp - PGP's Desktop privacy (includes encrypted drive software PGPDisk) [url5] http://www.jetico.com/index.htm#/products.htm - Jetico's BestCrypt [url6] http://www.eicar.org/anti_virus_test_file.htm - Eicar.com test file (for testing anti virus software). [url7] http://searchsecurity.com/ - Op-Ed piece on this to appear later this week. Other acknowledgements / thanks / greetings / information: dd, grep and strings CanSecWest - http://www.cansecwest.com/ - See you there URL for advisory, signature and keys: http://www.seifried.org/security/advisories/kssa-003.html http://www.seifried.org/security/advisories/kssa-003.html.asc http://www.seifried.org/security/keys/ - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGPfreeware 7.0.3 for non-commercial use mQGiBDsNcxcRBAD987JAFctBIHhuUNm5tqQgYi/CsFsx1afNI6QyHhbqPxJMF2Vs D5dymEKSNd8QSAP4GNTk9MwswwxXHuXIYJolp+U2HhD/UhQsp37WiEODMB+NX8Xc Xe5+BOUEUxaGo/du64tawslmiNw2KJDonKWaUSQBtp5ek1eQ0plTQbJ1DQCg//m4 wrYgtDl4iWdMk/76C4zbc/MD/ibshluW0pnWSDUxf00LrbMd3xAfQDPd9ACruY7z pXdbdSJctpGMgzjbC0B97uqJINmB2Uu9h62bK+eKb+eIlM+zJEth0r6PCrhr+Kj4 EpQWiiujVU8ijNbHVM9SqT2vcS9i2o2ZCjrf2bQDdI7jt1c88+DdaCvRW79BiN4P GsyCBADy8uewbArfRQl/erB6XeyVz2KDRvi5mNzM0xEWTtNkEV43pyHxXNtLzuD8 91GCHxsSL9f5JWEpcyiIiUhXNFdM3nZiGE/6/xfnKflDT7bsOdKXHXCvW1yN9aDx QoRhJhlc3mnZMyLx/xz4M6wXVj8ddOBtwgBmlFtdZjyiDHwNJLQpS3VydCBNLiBT ZWlmcmllZCAgPHNlaWZyaWVkQHNlaWZyaWVkLm9yZz6JAFQEEBECABQFAjsNcxcF CRAw7AAECwMCAQIZAQAKCRCtYwtOrVbldApoAJ9ZRUlW8cycj3/XlTVtQNx405GZ QgCg5zt7jGJ3v7FQguJgQloBGY1MACiJAEYEEBECAAYFAjsNcz8ACgkQ+7U3Ee+D x4wO6gCgnbSwZFOOiTPoYjLxu446qfvzAAoAni6CROE7jtzqZMdHJbEqDFXcreEn iQEcBBABAQAGBQI7DXNLAAoJECnUkEFIZQ2xALsH/13KyASmkFvyYCsj4hzD+UOV DMZ/3Vi8/dXqL2NpSdGbvaASNVRyGG4huJBBSh9ccjXo11IbAfOvICfjbUQmIb3w O/5mRQCiFIsakuPZWKhne5I9yVjL3ob78c4i2EvqSJ6VPFuqIrEdVCeMNU8DvjDw k8FkjF5osPoKdk2CndEnrLOXMz04Qyv6DB4O1qcmhEyVc842dqPd/eOnNGUA7qN7 axp4AiZRNRyf4/XbRt+KQzS0tItQy9LcNfQiIr2B0nYo4t+edyQbQSPBiuESYTzm TZhz0J3zxl4Tkea1GlTBxuJ6ulOFofZtDyAWABncZ9oEWgPADl15a+SCUNGvct+J AEYEEBECAAYFAjsNdHYACgkQUWd9bj7NcwaN6QCeIYLdy4G3XlFebtHiXSHc/K1/ Iw4AoNrGLQWSHat8rs74/uE8ojtzh79htCFLdXJ0IFNlaWZyaWVkIDxrdXJ0QHNl aWZyaWVkLm9yZz6JAEYEEBECAAYFAjuUYccACgkQrWMLTq1W5XRAugCfQyMVlXPs D7lYKvhYg08mv6U7AZcAn0feW5KeOLrmSCWKaHlNUsVHX3opuQINBDsNcxgQCAD2 Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33 TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBh znzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmsz bDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1 Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9 iUsiGSa6q6Jew1XpMgs7AAICCAD1mLQv5THh1JfuQEN26KbdRXWtw5tJ2LiXri17 G1BGS4pz7CVgNIhmKxhm9xvTD7Yb0xI2RoA5yre04xG77OQ47k0IjawSHdfr+PBZ 8C7O03QS17vKHthrpKayKENOUqWKOK3jGd2fx50EgKMnt5o+n1szEuhwvmxh1lOp iV4l4EMc2QykM1W/weTgCmTvBVABfgm0OQoNswdkrKPyyY16Li2IBI9ebqo6Vnz8 NWiZ2Hzta0cKvuGak/mmNkLsZFXQ3oH/J6ubRb9LskqJ4o7SwUaCAHR1sjlq5LS/ JNVjwkG18Q+Jrr4X6NncRK1eCuHm8yD5dbvHPZi0VnltXHwsiQBMBBgRAgAMBQI7 DXMYBQkQMOwAAAoJEK1jC06tVuV0vHwAmwTOfoVT5RJqaluoEvXy7qpRjmzUAKCw 4DM73//OxJSRLTwVO5IVtq/WIQ== =azr0 - -----END PGP PUBLIC KEY BLOCK----- Permission is granted for copying and circulating this Bulletin to the Internet community for the purpose of alerting them to problems, if and only if, the bulletin is not edited or changed in any way, is attributed to Kurt Seifried kurt@s..., and provided such reproduction and/or distribution is performed for non-commercial purposes. Any other use of this information is prohibited. Kurt Seifried kurt@s... is not liable for any misuse of this information by any third party. Kurt Seifried, kurt@s... A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/ -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBPEuH161jC06tVuV0EQJdaACg3i2aFcK4Rt6E9Ou9NNlt0sHJmxsAoM6b n4zlM+40Y8Em5NTqwQ+7r+yn =aYjp -----END PGP SIGNATURE----- ============================================================================ Delivery co-sponsored by VeriSign - The Internet Trust Company ============================================================================ FREE E-COMMERCE SECURITY INFRASTRUCTURE GUIDE When building an e-commerce site, you want to start with a strong, secure foundation. Learn how with VeriSign's FREE White Paper, "Building an E-Commerce Trust Infrastructure." See how you can authenticate your site to customers, use 128-Bit SSL encryption to secure your web servers, and accept secure payments online. Click here: http://www.verisign.com/cgi-bin/go.cgi?a=n116965650045000 ============================================================================ --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.314 / Virus Database: 175 - Release Date: 1/11/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.314 / Virus Database: 175 - Release Date: 1/11/2002 4589 From: MIKE F Date: Mon Jan 21, 2002 10:17am Subject: WIN 2K ENCRYPTION On the Website near bottom the four articles posted on jan17 deal with Windows 2000 built in ecryption. later4,mike f ---------------------------------------------------------------------------- ----------------------------------------------- Added on Thursday, January 17, 2002 1) Keep Your Data Confidential A 2001 article from Windows & .NET magazine. 2) Step-by-Step Guide to EFS A technical reference provided by Microsoft. 3) Inside Encrypting File System Learn about Win2K's built-in encryption facility from this article from Windows & .NET magazine. 4) Encrypting File System Primer: Basics and Best Practices A 2001 article from the SANS Institute. The Above articles can be accessed from this web site: http://www.pcwebopedia.com/new_links.asp --------------------------- lATER4,Mike F ------------------------------------------ "CONFIDENTIALITY WARNING" This electronic message contains information which may be privileged and/or Confidential. The information is intended for use only by the individual(s)or entity named/indicated above.If you are the identified/intended recipient, be aware that (Unless you seek Permission.) any disclosure, COPYING, DISTRIBUTION,& or use of the contents of this Message/Information is Prohibited! --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.314 / Virus Database: 175 - Release Date: 1/11/2002 4590 From: Hawkspirit Date: Mon Jan 21, 2002 11:08am Subject: Help on R.F. signal identification Mat, Anyplace on the Internet I can learn more about this? Roger From: "Matthew Paulsen" Subject: RE: Help on R.F. signal identification This could be a frequency hopping Bluetooth air interface for a basestation. Spectrum spread in the US is from 2.402 to 2.480. 4591 From: Hawkspirit Date: Mon Jan 21, 2002 11:33am Subject: Help on R.F. signal identification Thanks, Jim, The overall bandwidth is by the numbers 66MHZ, The individual pulses appeared to be about 5MHZ each. As far as the time domain, I was using my surveillance receiver so I could not do any kind of frame capture. What would be the best technique for measurement in the time domain? I could get a general direction on the signal but the sweep was started after dark so I could not see the surrounding area. It is a residential neighborhood. The antenna's I am using are various flavors of wire wound configurations. It appears I will need some kind of dish for this. Would this be your recommendation for better directional analysis? Thanks as always for your expert R.F.help. Roger Roger, What was the bandwidth of the signals, and did you examine the signals in the time domain? I would suspect an 802.11 WLAN connection, but of course it has to be assumed a hostile signal until proven otherwise. Where did you trace the signal to? Was it originating INSIDE your clients facility? What kind of antenna where you using? -jma 4592 From: James M. Atkinson Date: Mon Jan 21, 2002 11:41am Subject: Re: Help on R.F. signal identification Roger, I have a copy of the current Bluetooth specification available on my website so feel free to download it, but be aware that it is something like 10+ MB is size. http://www.tscm.com/BluetoothSpec.pdf (10 MB core file) http://www.tscm.com/Bluetoothprofiles.pdf (4.3 MB supplement) -jma At 8:01 AM -0800 1/20/02, Hawkspirit wrote: >I'd like some help from the group in identifying an unknown R.F. signal. >This signal was received while doing a sweep in the northern part of Los >Angeles. >The signal operates between 2.402GHZ and 2.468 GHZ. This transmission is >some kind of pulsed microwave signal. The timing of the signal is as follows. > The signal first bursts five separate simultaneous pulses. The wave form >looks as if you hold your hand up in front of your face fingers pointed >toward the ceiling. Each finger would be a separate pulse. They range in >amplitude as you fingers appear a (bell curve). This burst lasts about one >half second and then the carrier is clear of signals. Next a single pulse >appears at the high side of the carrier (2.468) and starts to sweep down >frequency. When it reaches about the fifty percent point of the carrier >bandwidth the five finger burst array appears again for about one half >second. Then the single pulse reappears at the fifty percent point and >continues to sweep down frequency until it arrives at the lower frequency >of the carrier (2.402GHZ) and disappears and the five finger pulse bursts >again for a half second. This completes the cycle. The full cycle timing is >about 3 seconds. I monitored this signal for about four hours and I did not >detect any pattern variation. Any help appreciated > >Roger Tolces >www.bugsweeps.com -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell --------------------------------------------------------------------------------------------------