Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Cyber Law :: ripco.txt

How RIPCO got busted (great read)




****************************************************************************
                   >C O M P U T E R   U N D E R G R O U N D<
                                 >D I G E S T<
               ***  Volume 1, Issue #1.27 (Aug 9, 1990)   **
****************************************************************************

MODERATORS:   Jim Thomas / Gordon Meyer  (TK0JUT2@NIU.bitnet)
ARCHIVISTS:   Bob Krause / Alex Smith
USENET readers can currently receive CuD as alt.society.cu-digest.
     COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of diverse
views.  CuD material may be reprinted as long as the source is cited.  It is
assumed that non-personal mail to the moderators may be reprinted, unless
otherwise specified. Readers are encouraged to submit reasoned articles
relating to the Computer Underground.

Date: 7 August, 1990
From:      . Ripco (Bruce ?)
Subject:   Dr. Ripco Speaks Out
********************************************************************
***  CuD #1.27: File 3 of 4: Dr. Ripco Speaks out                ***
********************************************************************
     This document is being written to state my involvement with Operation
Sundevil and the events that passed on May 8th of 1990. My name is Bruce
Esquibel but most people in the modem world would know me better as Dr. Ripco,
the sysop of the Ripco Bulletin Board in Chicago.
     Ripco operated since the winter of 1983 and preformed what I believe to be
a good public service to the telecommunications world. Its label as a 'phreak
and hacker' board was an incorrect statement which I lived with most of the
time. Some content of the system was in fact dealing with that subject but I
have always felt most of the information especially in the form of general
files was nothing more than second hand news, traveling board to board. Neither
the board or myself ever supported or was associated with formed hacker groups
like the LOD or TKOS. In the years Ripco operated there were members from these
groups at one time or another but only to establish accounts and rarely touched
base or communicated with other users.
     The system was quite popular with it peaking at 701 users and averaging
around 600 active at any one time. Daily it took in about 50 calls with this
figure waxing and waning with the social seasonal changes of school schedules
and holidays.  The majority enjoyed the freedom of expression the system
provided, not to figure out how to make a free phone call.  Most of the
activity was on the main message board which could be accessed by anyone, even
those without validated accounts. The rest of the message bases Ripco had were
more specialized in their subject matter but not too much more than what is
found on other boards. Ripco's greatest claim to fame in my opinion was the
general files.  It seemed to attract new users like flies to honey. I don't
think the reason for this was quality but in fact quantity.  There was over
2500 of them, divided into 23 sections. Like the message bases only a minority
of the files could be put into the hack/phreak class.
     Ripco operated with a bit of mystery to it. My personal involvement on the
board was next to nill. Unlike other operators who rule their boards like a
god, I decided long ago to let the people do what they wanted without getting
in the way and give them the freedom to stand on their own two feet. This
didn't mean the system was total anarchy, in fact many complimented on how well
the system was structured. This unusual concept let some to believe the whole
system was a setup and I was accused on several occasions of being a FBI sting
board or associated with some kind of law enforcement.  Adding to this was some
argument over where the bbs was actually located. A few adventurous individuals
attempted to track it down through the CNA bureau and ended up at a vacant
storefront. The real explanation is a long story but it comes down to multiple
screw-ups by Illinois Bell more than any deceptive practices on my part. This
of course doesn't happen in real life thus the only people that can get a phone
number for a fictitious address are 'feds'.
     At least now I can put that rumor to rest. On May 8th I was awakened at my
home at 6:30a m by several Secret Service agents with a warrant for computers
and telecommunications equipment. They also had a second warrant issued to the
address where Ripco operated out of. Although there are better ways to start
the day, this did not come as a real surprise to me. Since 1987 when Shadow
Hawk made the papers with his $2.3 million software theft charges it occured to
me that as more and more people are caught, if they even were remotly connected
to Ripco, eventually something would turn up on my end. This could be
considered the reasoning of a mad man but I have always felt that there was no
illegal activity going on within the system and could defend it no matter how
petty it was taken apart. To put it another way, Ripco's bark had a hell of a
reputation but no bite.
     This was probably and still is true depending how you look at it. The
warrants issued were only (!?!) seizure warrants issued to the addresses. There
were no names on them and I was not arrested or charged by the Secret Service.
This provided me some relief but since I didn't get to sleep till 4am that
morning it was probably a lack of reasoning on my part.
     There were at least 5 agents that came to the house, but I think they had
a few more around back in case of an escape attempt. Three of them stayed while
two others drove me to the other location. The only question they asked before
I left was it would be easier if I gave the location of any computers I had
there to which the reply was 'none.' This later proved true since no items were
taken, but they did spend about an hour looking through everything.
     I wish to point out that this was not a scene that would make good
television. They didn't break down any doors, no one I observed had a gun drawn
and overall they were pleasant in their mannerisms. This is not being said in
defense of them but I always have been curious about the stories passed around
where swat teams come down on a 16 year old for running a few MCI numbers. One
interesting side note to you electronic phreaks out there is their radios,
which probably use Motorolas digital voice protection circuitry trip every car
alarm in the neighborhood when keyed. Several of the agents said this was
normal and wished they didn't have this side effect.
     As I traveled with the agents to the other location I started to think
what they were about to see and if anything was there that needed a fast
explanation. The only thing that occured to me was three handguns I kept for
personal protection. I informed the driver of this fact and he radioed ahead to
let them know. He said matters like that isn't their concern but added they
have to check with local law enforcement to see if I was in violation of city
or state laws.
     When we arrived there was a sizable crowd waiting.  Besides 5 or 6 more SS
agents, there were a few others in suit and tie (the SS dresses casual) and at
least one Chicago police car with a couple officers. The agents that escorted
me there led me to a woman probably in her mid or late 20's.  She apparently
was the one in charge and gave me instructions on how we were going to enter
the building. Before unlocking the front door she asked several times if any
boobytraps were set either for them or the computers. I found this questioning
amusing but was the only one smiling of the group. Unlocking the front door led
to questions about where the guns were located and instructions on how to find
them. I brought up the fact the alarm system had to be turned off and after a
few attempts she managed to deactivate it. A different agent was sent in and
recovered the weapons.
     As we entered the main room I was told not to touch anything but to point
out the computer the board was run off of, which I did. The woman then
introduced herself as Barbara and informed me of what I already knew, they were
there to carry out a warrant and that it would probably take a while. She
handed me a piece of paper which was the actual warrant and as I looked it
over, a paragraph stated it was issued based on an attached affidavit,
specifically pages 26-39 by a special agent Lawson. Asking where the attached
affidavit was brought the reply "it was a closed document, I didn't have any
rights to see it" and added 'its an on-going investigation'. I was then
informed by her that I was not under arrest nor charged but they had to read
the Miranda rights to me since any questions I answered could be used against
me. Another agent said they did have questions but I did not have to answer
them, could answer them with a lawyer present or even have a lawyer present and
not answer them. He also pointed out that I could stop answering the questions
at any time so I figured I'd agree to answer them since there wasn't all that
much to hide anyway.
     Although an attempt was made to get comfortable within the building, the
main area is full of junk collected over the years and the limited seating made
things a bit crowded.  We eventually ended up out back outside where the
questioning took place. From this point on Barbara made few other comments and
the bulk of the questions were handled by another young agent named Tim.
     The questions started with an apology by Tim saying there was someone who
requested specific questions to be asked for a case study or something along
those lines. He said they were fairly simple but was required to ask them.
These questions were general in nature and read off a xerox sheet, mostly a
list of phrases that were looking for definitions.  What is a phreaker, hacker,
know what a virus is, have you ever written or distributed one, etc.
     After this opening round of Q & A, he announced we were going on to more
specific questions involving myself and the bulletin board. I don't really
remember most of the questions but the subject dealt with my awareness that
both credit card and long distance access codes were being passed through the
system and what was on the hidden boards that normally wasn't part of standard
access, and who had access to them. My answer to these led into the system
maintenance and how I handled it.
     As far as the question about the codes went, I replied no I was not aware
of that and he point out they had printouts proving they were. Of course it
crossed my mind that if they already had soild proof, why bother to ask the
questions. I wish to publicly state that this type of information was posted
from time to time but I did not lie to the question. Regular users of the board
were aware that long ago I made clear the system policy on this matter. Long
distance codes along with credit card information was not allowed to exist on
the system. I felt that any specific information left that could lead to direct
fraud was not welcome and would be removed and persons who repeated violating
this themselves would be removed from the system also.
     To clarify the phrase 'specific information' to the readers of this file I
wish to explain my position on how I considered board policy on messages. It is
no secret that many of the posts of board 5 (fone phun) either solicited for
the need of or said they had and would share such information. I never
considered this wrongful for a number of reasons. The primary one would be most
people on there were blowing smoke as far as really knowing anything either
fraudulent or important. Few people outside the bbs community realize that in
many areas both status and ego are wrongfully important factors to others
within the modem society. Many people who wish to raise their status will often
come up with outlandish claims in an attempt to convince others he or she is an
expert on one matter or another.
     Any attempt to suppress this act I felt would of damaged Ripco's open door
policy since people do have to start somewhere and eventually learn their peers
will catch on fast if someone is pulling a bluff. Thus this type of activity
was tolerated but the line was crossed if anyone attempted to really do it. For
example if a message contained something like 'just dial 1-800-555-1212 and
punch in 123456 at the tone', the entire message was removed or in more cases
re-edited especially if other parts were about non-related matters.
     Returning to the questioning, the above was explained as such but not as a
whole. If in fact they did have printouts of such activity, I suggested an
explanation which covered the maintenance aspect of the board. Basically Ripco
operated itself with my chores limited to validating new users and updating the
general files. Once every morning the messages left since my last check-in were
read. The removal/re-edit if needed was applied at this time.  Considering this
occured daily around noon, a message posted let's say at 3:00pm the preceding
day was in existence for nearly 21 hours before it got my approval or
disapproval. Thus I pointed out that in theory they could have a printout of
something but if checked the following day, it should have been removed.
     This was not second questioned by them and they seemed content with it. As
far as the hidden boards went, there were two as most of the system users knew
but were not really active. Board 9 to the best memory serves me was completely
non-existant. Although it was used in the past for various things, after one of
many hard drives crashes it bit the big one and was not in service. The message
file required to use it was not there and I believe there was even a line in
the program that reset the security bit of people that did have access in the
past so they couldn't accidently enter causing a 'file not found' error. Board
10 was active but fewer than 6 people could claim to access it. Originally it
was set up when an attempt was made on my part to collect a few bucks to keep
the system running back in 1985. It contained few messages and would only gain
5 or 6 more a year.
     Questioning from this point on was more broad in nature, jumping from
subject to subject. Items like the anarchy files which were made up in part of
bomb construction articles were deemed 'wrong' by them and I defended by saying
such information could be gathered from numerous public sources. They still
insisted it was 'wrong' and shouldn't have been made available.
     One fact that arose well into our chat is that it became obvious that
besides Tim who seemed to know little besides a few buzzwords, none of those
here really had an understanding of computers or much else as far as a
technical background went.  Another agent even admitted later that they were
only here to serve the warrant, as far as what was really going on with the
investigation and who or what was involved, they didn't know. Any questions I
attempted to ask them were generally not answered and the ultimate question of
'why me?' was given the reply 'catch the evening news, this is happening right
now all over the country, should make some good headlines.'
     Even the simple question of what's next, where does the stuff end up
needed a short conference among them and they decided on the following: after
its boxed up downtown, it's shipped to Washington to a department called
'diagnostics'.  Tim appeared to be the only one with knowledge of this because
one of the other agents asked him 'who runs that?'.  Tim explained to him that
it was part of the SS and was started a couple years ago. The other agent just
shrugged his shoulders.
     To put some people fears to rest, there wasn't much else going on. I
expected they were going to ask me about certain individuals or if I knew
anything else going on, but they didn't. Even subjects like PHRACK and the LOD
were only touched upon, no specific questions were asked or answered. They
seemed pleased to find a catalog printout of the general file section with the
PHRACK issues but considering anyone with a valid account had access to the
actual files, this didn't seem to make sense to me.
     After a couple hours of this with many lulls in the questioning they asked
if I would sign a statement saying basically everything I said was true and I
did because it was. The only other thing they wanted in the statement was that
I was in fact the operator and did make an attempt to keep the board clean on a
daily basis. Makes me wonder now what that could be twisted into later down the
line.
     In all they were here for about 6 hours. In that time I learned little on
what was going on. One of the agents said there were 2 representatives from
AT&T present but didn't know why, saying they just had instructions to pick
them up this morning before they came and got me. My gut feeling was the
code/credit card numbers that much of the conversation was based on.
     Drawing to the end they informed me the warrant was completed, led me back
inside after taking a few snapshots of your truly and handed me a receipt of
what they took.  Annoying in the first place them being there, the first thing
that caught my eye was both my personal Macintoshes were on the list along with
the related hardware including a 940 meg worm drive and laser printer. Laser
printer? Maybe if you could pick it up and throw it at someone it could be
considered a lethal weapon but what else? Ripco operated on an Apple //e and
had no connections to the macs besides being near them which apparently is the
way they determined what stayed and what went.
     My guess is that after examining the rats nest of wiring that existed
around the 3 computers, they figured anything plugged into the power strip must
have been tied in with each other somehow. An IBM 386 clone and an Apple //gs
sat on the floor only a couple feet away but were untouched. Other items taken
included a 1955 Western Electric model D500 phone, any personal phone books
including a copy of the Chicago White Pages and several pictures and cartoons I
had hanging on the wall. This also included a picture of a hooker spread eagle
from a bachelor party and a picture of Charles Manson clipped from some tabloid
because it bore a resemblance to me. All disks if not in a sealed box (probably
around 3000) were also taken along with paperwork found in various areas.
These items were only listed as 'misc.' and not broken down on the receipt.
     I was cut loose only momentarily since an officer from the Chicago Police
Department replaced the many people running in and out during the morning
hours. He asked if the guns turned over to him were registered with the city,
which they weren't because you can't, so I was charged with a misdemeanor,
failure to register a firearm. A slight explanation about this: back when Jane
Byrne was mayor, she wanted to outlaw handguns altogether. Some suburbs of
Chicago tried this and met with resistance from the NRA and feared long court
battles. So they offered an a grace period to get people who already had them
to register them, but at a cut off date, handguns could no longer be
registered.  Thus anyone getting caught with a handgun after this did not face
an illegal weapons charge, only the failure to register even though someone who
registered prior is safe. It ends up going to court, having the weapons
destroyed and getting 6 months supervision with no conviction on the books.
This was the outcome of that situation.
     At least that story had an ending. As far as what is going between me and
the Secret Service, I don't really know or have a clue. At this writing it has
been nearly 3 months and I haven't heard a word from them. Everything is just
speculation on my part since it seems the matter is being kept under wraps.
Even the names of the others involved on that day were not released. I don't
know if those other people were system operators or users. One agent said
you'll probably hear from us in 6-8 months while another was not so optimistic
and said it would probably take years adding later that it's a good chance I'll
be in my 50's, married with children before I knew what happened.
     In the time shortly after the seizure I talked to several lawyers to at
least get some opinions on what to do next. Without being charged it seems very
little can be done.  My only options are 1) sit back and relax, wait till they
do something or 2) file a lawsuit to get the stuff back. All the attorneys
brought up the suit idea but only one suggested it wasn't really a good way to
go. Based on what they took as far as value goes, the preliminary costs would
be about half with it approaching double if it has to go to court and heard in
front of a jury. It appears the best outcome is to get the stuff back, you
can't claim damages or get your court fees back when it comes to the federal
government.
     One point I want to make clear is under a seizure warrant, all material
taken is forfeited to the government.  It doesn't seem like a situation where
they have to give it back after examination. They have according to what little
I could find on the subject, 5 years from the date of the warrant to set up an
indictment. Even if no indictment is made, they don't necessarily have to
return it. It can either be used for internal use or put up at auction. There
was an article in Unix Today where an agent seemed to indicate the material is
returned but I haven't found any support of this policy.
     My opinion on all of this is basic. The government came in, took my
personal property to determine if there was any wrong doing somewhere. It seems
like a case of being guilty and proving yourself innocent. Or in another light,
them thinking there was wrong doing and getting the stuff to make sure.  Either
way its just not right. Although I have no desire to battle this in court on my
own, it seems to be there should have been a charge for something, even if it
was minor, with other stuff being added later if needed. At least it would beat
this nazi/gestapo tactic of secrecy.
     Is Ripco's involvement with credit cards and access codes the real basis?
Does the distribution of PHRACK play a part in it?  What if they were
investigating someone on the board and felt there was information that would
help them?  Did they ever think of knocking on the door first? If it was
someone else they were after, should I be the one getting penalized? Does the
first amendment come into play at all?  Even though I am free to open another
board at this time if I choose, why isn't a newspapers printing press taken
when a reporter refuses to name his sources about a sensitive story?
     I don't have the answer to any of these questions. Even if I did, they
might be the wrong questions in the first place. One opinion put forth by
several people is that putting the board out of business could be all they
wanted.  Its possible if any one piece of information contained within Ripco
was used in assisting someone to commit a crime, it could be all they needed.
Maybe they looked at Ripco as a pain in the ass since the beginning but
couldn't get rid of it any other way.
     In closing I'd like to point out that this is not a black and white issue
reguardless of anyone's opinion. There were many who hated the board, thought
it was trash and would of liked to see it removed for good. Well they got their
wish but consider the circumstances of what happened. No reason given, none to
offer. Think about that next time you sign on to your favorite system and see a
message about someone selling a used computer or hard drive. If that item is by
chance stolen merchandise, can the operator lose his computer because it aided
someone to fence?
     Based on what happened to me up to this point, its only one step away. I
am not a hacker, phreaker, have anything to do with credit cards or
manufactured explosives. Until the weapons charge I never had been arrested and
even my driving record has been clean since 1978.
     1984 arrived a bit late but there is no doubt to me its here. Thanks again
to everyone that supported the board and there is always the possibility
another Ripco will appear.
     You just never know.

********************************************************************
***  CuD #1.26: File 4 of 5: Update on RIPCO BBS & Dr. Ripco***
********************************************************************
Date:    Mon, 30 Jul 90 22:54 CDT
From:    Moderators (TK0JUT1.cs.niu.edu)
Subject: Update on RIPCO BBS and Dr. Ripco
     One forgotten victim in the Sundevil sweeps has been Dr. Ripco, sysop of
RIPCO bbs, which was considered one of the top CU hangouts and text file boards
in the country. Dr. Ripco's equipment, including numerous disks, several
computers, and telecom equipment, was confiscated by Secret Service agents with
a seizure warrant on May 8. Although no computer-related charges have been
filed, no equipment has been returned.
     When we caught up with DR a few days ago, he explained that local
(Chicago) police who accompanied federal agents on the seizures found several
pistols in the storage building where the computer equipment was located. Under
a Chicago ordinance, possession of weapons is a misdemeanor, and DR was cited
for failure to register the weapons.  The guns were new, never fired, and still
in their box.  If we caught the details correctly, he entered a guilty plea,
they took away the guns, and he was given six months supervision and will not
have a record.
     The Doc indicated that he himself did not participate much in the modem
world, and one reason he has been silent is because he isn't fully aware of all
the digests and e-mail connections that exist, and depends for his news q on
local media (good luck on that one, DR) and word-of-mouth from friends. He has
not yet retained an attorney to re-acquire his equipment, because he believed
it would be given back relatively soon. Now, nearly three months after the
seizure, he is concerned.
     DR indicated that, unlike the experience of others, the SS was relatively
polite, if ignorant about technical matters. Although wearing bullet proof
vests, their guns were not drawn and they did not attempt to hassle him
(despite some snide comments by one agent).  He emphatically indicated that the
searches and confiscations were not necessary, because if they had contacted
him, he would have cooperated fully.
     The Doc claimed that, to his knowledge, little illegal activity occured on
the board. He thought that perhaps some of his files might be considered "bad
taste," but they were not in his judgment illegal.  Public message logs from
mid-1988 to May 7, 1990, support his claim.  Despite some posturing, few of the
over 600 users abused the board.
     In many ways, the situation is like that of Steve Jackson, whose equipment
was confiscated and board shut down because of some vague notion of "possible
wrong-doing."  RIPCO seems to have been targeted in part because of its
longevity and in part because it had one of the better text file collection in
country. It was a gathering point for many of the most active computer
underground types, and the number was reportedly blocked by at least one
telecom LD server because of phreaks calling.
     If we are correct in our reasons for why RIPCO was shut down, it further
indicates the chilling effect of Sundevil. Providing textfiles as a resource is
not illegal, nor, to date, has the government claimed that Dr. Ripco in fact
did anything illegal.  Yet, his equipment is gone and the modem world lost a
fine board.
     The moderators emphasize to those who think that RIPCO was nothing more
than a phreak/hacker board that it provided some of the best chat we have seen.
Discussions ranged from current events to sophisticated philosophical issues.
Despite the usual number of dolts one might expect in a community of over 600,
the users were generally well-informed, articulate, and stimulating.
     The closing of RIPCO is symbolic for two reasons.  First, as one of the
longest running CU boards, it served as a cultural meeting place.  The CU
community is transitory, with participants coming and going as their interest
fades and is rekindled.  RIPCO served as place to reunite old friends and meet
new ones.  Although most of the "elite" CU didn't frequent RIPCO regularly,
they would often "stop in" just to check their e-mail or see what the latest
text files were.  Thus, RIPCO was functional for entering and maintaining
contact with the CU community as a whole.
     It is also interesting to note that RIPCO had long suffered under a sort
of "common knowledge" that it was highly "infested" with law enforcement
agents.  This assumption was fed both by it's longevity and openess to the
public.  When it was closed down, the general CU reaction was one of sorrow
(because it was such a familiar part of the community) and confusion (because
of its reputation for being legal and above board).  There was also some
question as to why the "feds" would shut down what was assumed to be a source
of information they were using to obtain leads into the activity of the CU.
     There is a chance that Dr. Ripco might resume the board, and we encourage
him to do so. RIPCO was an asset to the modem world and many of us miss it. Dr.
Ripco's account of his experience will appear in CuD 1.27.








TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH