Date: Wed, 29 Sep 93 13:08:58 EST
Errors-To: Comp-privacy Error Handler <comp-privacy-request@PICA.ARMY.MIL>
From: Computer Privacy Digest Moderator <comp-privacy@PICA.ARMY.MIL>
To: Comp-privacy@PICA.ARMY.MIL
Subject: Computer Privacy Digest V3#050
Computer Privacy Digest Wed, 29 Sep 93 Volume 3 : Issue: 050
Today's Topics: Moderator: Dennis G. Rears
Guest Moderator
Re: Caller ID/ANI Thread
Lexis
Re: Clinton's Health Care Plan
Re: Finding out the Caller's Number (was ANI)
DES Key Search Paper
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
comp-privacy@pica.army.mil and administrative requests to
comp-privacy-request@pica.army.mil.
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
Date: Tue, 28 Sep 93 9:45:32 EDT
From: "Dennis G. Rears" <drears@pica.army.mil>
cc: tcora@Pica.Army.Mil
Subject: Guest Moderator
I will be away from the office from Friday, 1 Oct until Monday , 11
October. Tom Coradeschi will be the guest moderator for this time
period. Administrative requests will not be handled until I get back.
dennis
------------------------------
Date: Mon, 27 Sep 93 18:44 PDT
From: John Higdon <john@zygot.ati.com>
Organization: Green Hills and Cows
Subject: Re: Caller ID/ANI Thread
Hans Lachman <lachman@netcom.com> writes:
> OK, this is my last post on this topic (I hope!).
That is too bad, since I have a question or two for you, since you seem
to be the Hard Questionmeister.
> Instead, turn the questioning around, and ask the anti-privacy
> freak for proof of any danger resulting from the increase in
> consumer power. That puts them in the defensive position. I
> asked for this proof in the ANI debate (earlier article), and
> got deafening silence from the other side.
This is very clever (well, not that clever) sophistry. However, I have
a question for you:
What gives you or anyone else the right to call me at my place of
business and dictate how I will use a telephone service that I not only
pay for monthly, but also for the proximate call you are making at the time?
And further, what gives you the right to tell me how my business will
be conducted so as not to use a feature that you dislike? Whether you
call my 800 number is entirely a matter that is under your control. You
make that conscious decision. I do not force you to call my business
and if you are so strongly offended at the loss of your anonymity, I
would strongly advise you to refrain from calling mine or anyone else's
800 number.
Yes, it may cause you some inconvenience to avoid using 800 numbers,
but nowhere is it written that you have any right to call them on your
specific terms. If you want to get legislation (just what we need, more
junk laws) passed that requires statements such as "calling this number
may reveal your telephone number to the callee", that is one thing. But
to take it upon yourself to dictate aspects of a service in which you
do not even participate as a customer or as a supplier (just as a
beneficiary of its mere existence) is display of extreme arrogance.
It is not a God-given or Constitutional right to be able to call 800
numbers anonymously. These numbers are paid for by businesses to
further their own business needs, not to satisfy some intrinsic obligation
to you. If you feel the public is inadequately informed concerning the
technical aspects of 800 service delivery, no one is stopping you from
taking out full-page ads in national publications to remedy that
situation as it is perceived BY YOU. ANI delivery is not some dirty
little secret of which only fabulously informed persons such as yourself
have any knowledge.
> In conclusion, I believe that consumers should have maximum
> possible control over the collection, dissemination, and use of
> information about themselves.
I could not agree with you more. As I pointed out, you can block any
800 number from reading your ANI very easily (don't call). I also
realize that you want your cake and eat it too. You want businesses to
shell out for those 800 numbers which save YOU money, but you also want
to dictate the terms by which they can be used. Sometimes you cannot get
what you want, just the way you want it at other people's real,
monitary expense.
BTW, I will be happy to prove that ANI delivery causes no harm right
after you show me how. Please prove to me that cucumbers do not cause
cancer. Otherwise, I am going to see what I can do to have them
outlawed :-) I did get that right, did I not? You merely have to make a
groundless accusation and it is up to those of us paying the bills on
and participating in the service in question to disprove your charges
with a propondrance of the evidence while you sit back and indignantly
look on. Got it.
--
John Higdon | P. O. Box 7648 | +1 408 264 4115 | FAX:
john@ati.com | San Jose, CA 95150 | 10288 0 700 FOR-A-MOO | +1 408 264 4407
------------------------------
Date: 28 Sep 1993 09:34:18 -0500 (CDT)
From: JTUCKER@vax2.cstp.umkc.edu
Subject: Lexis
Organization: University of Missouri - Kansas City, CSTP
I just received a disturbing item in the mail. The following postcard is
from Lexis who is owned by Mead Data Central:
LEXIS FINDER Library --- Coming soon to LEXIS
The FINDER library -- a nationwide "white pages" directory of 111 million
individuals' addresses, phone numbers and more -- is coming soon to your
LEXIS terminal.
With LEXIS FINDER you'll quickly and easily find:
Parties
Witnesses
Heirs
Beneficiaries
Shareholders
Members of potential class actions
Watch your mail for more info, etc...
Didn't Lotus try this one?
Joseph...
------------------------------
Date: 28 Sep 1993 18:31:37 +0000 (GMT)
From: Dick Rinewalt <rinewalt@gamma.is.tcu.edu>
Subject: Re: Clinton's Health Care Plan
Organization: Texas Christian Univ Comp Sci Dept
In article <comp-privacy3.49.9@pica.army.mil> ,
WHMurray@dockmaster.ncsc.mil writes:
> The bureaucrats response of choice in this situation will be a personal
> identity number and a massive data base. This data base will contain
> our most intimate personal information. It will be in the
> hands of government bureaucrats. If bureaucrats simply do what
> bureaucrats do, these tools will result in huge loss of personal and
> family privacy. While safeguards, may mitigate this to some small
> degree, and whether or not there is abuse, the impact will be major.
The database already exists (the Medical Information Bureau in Boston),
but it is in the hands of the insurance companies who can (ab)use it
as they wish.
Dick Rinewalt Computer Science Dept Texas Christian Univ
rinewalt@gamma.is.tcu.edu 817-921-7166
------------------------------
Date: Tue, 28 Sep 93 14:43:54 CDT
From: varney@ihlpe.att.com
Subject: Re: Finding out the Caller's Number (was ANI)
Organization: AT&T Network Systems
In article <comp-privacy3.42.1@pica.army.mil> "david.g.lewis" <deej@cbnewsf.cb.att.com> writes:
>In article <comp-privacy3.39.1@pica.army.mil> varney@ihlpe.att.com writes:
>> At least for 800 calls, I wouldn't object to an ANI-block
>>mechanism. (I must acknowledge I work for a part of AT&T that could
>>benefit from any mandated new features.) Even better would be a
>>"presentation restricted" indicator in the ANI field, as the Caller-ID
>>information contains.
>
>Of course - then all the LECs are mandated to purchase new software for
>all their 5ESS(R) switches, 1ESS(TM) switches, 1AESS(TM) switches,
>4ESS(TM) switches, new MF senders for all the remaining 5XBs, etc.,
>etc., etc. Helps AT&T Network Systems' income no end... Although I
>would claim it would be a Big Deal to build and deploy it.
David, I think you may have mis-interpreted my post. I am NOT advocating
a "block ANI" for 800 calls. I said I wouldn't OBJECT to it, if payed for
(ENTIRELY) by the users. Whatever the deployment costs, whatever the
method of blocking calls that blocked ANI, etc. Any IXC costs would be
recovered, as well. If users want the capability, but are unwilling
to put forward some real $$$, then they don't really want it.
Please note that LEC mandated purchases are not that uncommon.
In many cases, the feature users DON'T pay for the costs. The telephone
users or IXCs get to pay for it in higher rates (or slower reductions).
Going to 4-digit Carrier Access Codes will probably be paid for by the
existing IXCs, who benefit little from the feature. Costs for the
Interchangable NPAs sure aren't going to be recovered by higher charges
to call those new NPAs, or by callers assigned the new NPAs.
>... Over, say, 250 business days a
>year, we're talking about a $40 million hit on the bottom line of the
>800 business.
>
>That's ongoing costs, of course; there's also the cost to the industry
>of building and deploying the capabilities to provide the blocking.
David, those requesting blocking have not stated they are unwilling
to pay for the capability. If every IXC received $1 for every blocked
attempt, would you still insist on non-deployment? How about $10?
For those who want ANI blocking for 800 calls, HOW BADLY do you want
it? (And please assure me you don't want non-users to fund it.)
Al Varney - my opinion only
------------------------------
Date: Wed, 29 Sep 93 00:46:46 -0400
From: Monty Solomon <roscom!monty@think.com>
Subject: DES Key Search Paper
FYI. From rec.video.satellite
Newsgroups: rec.video.satellite
Message-ID: <HOMESAT%93092808274173@VM1.NODAK.EDU>
Date: Tue, 28 Sep 1993 08:14:52 CDT
Sender: HOMESAT - Home Satellite Technology <HOMESAT@NDSUVM1.BITNET>
From: "Dr. Robert R. Wier" <wier@MERLIN.ETSU.EDU>
Subject: DES encryption
Here's a thing which recently came in which I thought might be of
interest to you VCII(+) fans out there...
===Bob Wier
========== insert usual discalimers here =================
internet: wier@merlin.etsu.edu (watch for address change)
Subject: Re: DES Key Search Paper (fwd)
Michael Weiner presented a paper at Crypto93 that describes a fast DES key
search engine that uses a special inside-out DES chip that he designed.
This chip takes a single plaintext/ciphertext pair and quickly tries DES
keys until it finds one that produces the given ciphertext from the given
plaintext. Weiner can get these chips made for $10.50 each in quantity,
and can build a special machine with 57000 of these chips for $1 million.
This machine can exhaust the DES key space in 7 hours, finding a key in 3.5
hours on the average. He works for Bell Northern Research in Ottawa, and
says they have not actually built this machine, but he has the chip fully
designed and ready for fabrication.
This is a stunning breakthrough in the realization of practical DES cracking.
BTW-- note that PEM uses straight 56-bit DES.
------------------------------
End of Computer Privacy Digest V3 #050
******************************