Date: Thu, 24 Feb 94 08:56:10 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#034
Computer Privacy Digest Thu, 24 Feb 94 Volume 4 : Issue: 034
Today's Topics: Moderator: Leonard P. Levine
Re: Clipper Overseas
Re: Clipper Overseas
Re: Bacard & Barlow: Clip Clipper
Clinton/Gore Privacy Change - BLACKMAIL?
Re: Electronic Banking
Re: Privacy and Sexual Crimes
Telephone Card Audit Trails
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: A.J.C.Blyth@newcastle.ac.uk (Andrew Blyth)
Date: Mon, 21 Feb 1994 09:29:22 +0000
Subject: Re: Clipper Overseas
How does key escrow affect potential international users?
At the recent Paris air show the US government was advising US business
men to keep their briefcases shut as foreign governments where looking
to steal their secrets. It strikes me that all that will happen is that
non-US companies will adopt a more secure encryption system. And US
companies will only be as secure as their escrow keys. It is therefore
a step backwards for US companies and the US in general.
In short, International users will NOT use it except when forced to
talk to US companies.
--
Department of Computing Science, |
20 Windsor Terrace, | Tel No. +44 91 222 8972
University of Newcastle Upon Tyne, | Fax No. +44 91 222 8788
Newcastle Upon Tyne, |
England. | EMail. A.J.C.Blyth@newcastle.ac.uk
NE1 7RU. |
------------------------------
From: Christopher Zguris <0004854540@mcimail.com>
Date: Mon, 21 Feb 94 08:53 EST
Subject: Re: Clipper Overseas
A few days after I posted my question about the implications of clipper
overseas I ran across this article in the TOP OF THE WEEK section (page
12) of the February 14, 1994 issue of INFORMATIONWEEK written by Mark
E. Thyfault with John P. McPartlin and Clint Wilder:
--- Excerpt Begins---
The Data Security Furor
[...BACKGROUND INFO ON CLIPPER...]
Secret Listening Posts
But, according to National Security Agency expert James Bamford, U.S.
businesses have reason to worry, particularly if they have offices in
other countries. The NSA operates under a law that protects U.S.
citizens and U.S. corporations from surveillance unless there is a
connection with a foeeign entity.
"To target a U.S. company, the NSA needs a warrant from a secret court,
the Foreign Intelligence Surveillance Court," Bamford says. "This court
has been in existence for 20 years and has issued only one public
document. In its entire history, this little-known court has never
turned down a request. It is very easy to present a case that
impresses these judges, and very hard for the government to lose."
Although the agency refuses to comment publicly on such matters,
Bamford and others say the NSA already operates secret listening posts
accross the country, including one in Sugar Grove, VA., where
international telephone signals are intercepted and shipped by cable or
microwave to NSA headquarters in Fort Meade, MD.
---Excerpt Ends---
Why has the popular media done such a poor job of informing the general
public about all the aspects and potential problems of clipper? We keep
hearing how everyone and everything will go over the "information
superhighway" and how wonderful life will then be, but we don't hear
about how potentially insecure the clipper can make these
communications. Imagine if everything was going over some terminal in
your home - banking, personal email/faxes/video, shopping, other
financial transactions - all conveniently monitorable thanks to
clipper. That's the problem in this whole debate, the general public
has not been informed. If the general public were informed of the
potential risks this debate would be over and clipper would be
scrapped. Sorry if this post turned into a flame, the article got me
pretty angry.
------------------------------
From: walter@netcom.com (Walter Alter)
Date: 21 Feb 1994 10:32:10 -0600
Subject: Re: Bacard & Barlow: Clip Clipper
Organization: UTexas Mail-to-News Gateway
your analysis of the Clipper Chip affair is truncated at some crucial
panoramas and unlesss wide angled- will see you proclaiming "peace in
our time" like Chamberlain in 1939.
now lookit- the entire radical/liberal end of the political spectrum
was a product of some strange think tank low intensity conflict (Cold
War) cultural paradigm shift psychological warfare operation spanning
two generations starting in the late '50's. an important "theater" of
these operations was the programming of American society to hold
suspect our belief in technological optimism as an inevitable product
of Scientific Method. from the attempt to institute "Aquarian Age"
irrationalist quasi religions ("what's your sign?") to animistic Gaia
Earth worship as the ostinado behind contemporary Environmentalism,
from the anti-Nuclear Power movement to the anthropoligists' "cultural
relativism" argument in favor of leaving the 3rd World undeveloped and
non industrialized, Science based civilization has been under a broad
front rolling barrage from Marxists, Anarchists, Socialists,
neo-Primitivists, Liberals, Pastoral Utopians, mystics, UFO watchers
waiting for Godot, and the occasional Jesuit. Science based
technological progress has been cast under the spectre of fascist
Militarism, wasteful space projects, Frankensteinian recombinant gene
research, Dr. Strangelove beam weapons, glowing plutonium flowing in
our sewers and a litany of spills, chills and cheap thrills from the
Free Market Capitalist neanderthals who'se "enlightened self-interest"
means Freudian death wish slow suicide for you, me and the planet.
kids, it's time we dug ourselves out from under the rubble of Bolshevik
disinformation about the nature and method of rational mentation and
the fruits of our labors so applied that Science builds our future.
the gist of my polemic here is that if you want to harness the brick
throwing activism that animated the Viet Nam War Era you are going to
have to get those cadres into a positive position about the benefits of
enerpreneurial Capitalism as practiced by the elelctronics/computer
industry and a positively stark raving affinity for the product of
rational human genius, basic Scientific research, R & D applied
industrial research, our capacity to engineer a solution to ALL human
problems of material want, and our wacky eccentric inventor-uncle-
Leonardo DaVinci.
starting tomorrow we rehabilitate the memory of Comrade Nikola Tesla
and comrade Buckminster Fuller and make them both household words
within 3 months, forcing entire university faculties to devote their
total resouces to furthering the work of these intellectual giants, and
causing the National Education Association to adopt the Platonic
Academy method of pedagogy for our nation's youth by next Tuesday.
it's either that or lose the whole enchilada. dig? it's the
post-Perestoika Age and post modern post industrial deconstruction
party lineage is less than politically incorrect, it is the fetid
expiration of a puppet corpse.
------------------------------
From: ccat@netcom.com (Chris Beaumont)
Date: Thu, 24 Feb 1994 06:16:48 GMT
Subject: Clinton/Gore Privacy Change - BLACKMAIL?
Organization: Morningdew Associates
An interesting explanation for the new Clinton/Gore non-policy on
privacy might be intelligence community blackmail. I've heard more
implausible stories... God willing they'll see the light. I think a
government mandated ban on privacy could transform the US into a
technological backwater, and quickly, a Third World nation.
------------------------------
From: WHMurray@dockmaster.ncsc.mil
Date: Mon, 21 Feb 94 08:15 EST
Subject: Re: Electronic Banking
As I am trying to get a larger view on the problems that might
occur with the large scale introduction of electronic banking and
its possible social consequences, I'd like to know your opinion on
what might happen; would it reinforce alienation of people who are
not familiar with keyboards & screens,.....
History suggests that the adoption of new banking technology is
generational. That is, it requires 10-20 years to be adopted. Many
older people never adopt it. New exchange technology never replaces
old.
My mother's mother never used checks. My mother did not use credit
cards, ATMs, or automatic deposit. On the other hand, my 16 year old
godson has had an ATM card since he was nine.
While in absolute and relative terms, the amount of commerce that we do
in gold coin is vanishingly small, it is as great as at any time in
history. We have been talking about paperless banking since the
introduction of the credit card, but we are still losing ground. While
the amount of commerce that we do in credit cards now exceeds what we
did in checks before credit cards were introduced, it is still not
greater than what we do in checks.
what could be the employees reaction to their new working
environment,.....
Again, generational. While older people will find it disorienting,
young people think "that's the way things are."
what about privacy,etc...?
Serious issue. While the state always tries to use such technology to
improve their surveillance of "bad guys" (read "citizens," like you and
me), the international and competitive nature of banking makes that
difficult. In England they are doing a pilot of "electronic currency"
with the same anonymity as characterizes paper currency. This system
will rely upon secret codes rather than on audit trails and
reversibility. On the other hand, the government of Singapore is
introducing a system that will look very much like the English system
but will be completely traceable by the government. In the US, the
government would like to outlaw large cash transactions. The outcome
is less sensitive to the technology than to the balance of power
between a people and their government.
If you would understand this issue, read history, not contemporary
journals like this one.
William Hugh Murray, Executive Consultant, Information System Security
49 Locust Avenue, Suite 104; New Canaan, Connecticut 06840
1-0-ATT-0-700-WMURRAY; WHMurray at DOCKMASTER.NCSC.MIL
------------------------------
From: todd@meaddata.com (Todd Leonard)
Date: 21 Feb 1994 15:45:14 GMT
Subject: Re: Privacy and Sexual Crimes
Organization: Mead Data Central, Dayton OH
Chuck Weckesser <71233.677@CompuServe.COM> writes: Should Rapist's
And Pedophiles Be Forced To Register With The Authorities Every
Time They Move Away?
I have no qualms whatsoever with the concept of probation. If I'm not
mistaken, probation controls (and "registers") the moves of a convicted
person within and between jurisdictions. If there *is* validity to the
suggestion that convicted rapists and pedophiles should be monitored
following release, the appropriate response is to assign longer periods
of probation. Alternate "registries" add administrative overhead,
compound concerns for privacy and due process, and add no value to
provisions we already have in place.
------------------------------
From: flb@flb.optiplan.fi (F.Baube[tm])
Date: Sat, 19 Feb 94 0:50:16 EET
Subject: Telephone Card Audit Trails
[Taken from RISKS-FORUM Digest Tuesday 22 February 1994 (15:57) FORUM
ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS, ACM Committee
on Computers and Public Policy, Peter G. Neumann, moderator]
Here in Turku Finland one can make calls from pay phones using prepaid
cards issued by the city phone company, Turun Telelaitos. These cards
are on sale throughout the city, and are bought anonymously for cash.
On two different occasions I have had cards malfunction. When the card
is placed in a phone it is read and seen as valid, and I can dial, but
when the other party answers, and the card is locked in for debiting,
an error is generated and the call is (frustratingly!) terminated.
On both occasions I have taken the offending card to the phone
company's office. The card is passed thru a reader which displays the
card's unique identifying number. The service person then calls this
number in to another bureau, where they can dump a complete calling
history of the particular card, no doubt to verify malfunction and
protect themselves against fraud.
Having verified the card malfunction, the service person asks for a
name and address before issuing a refund (in the form of another card)
for the malfunctioning card's unused portion. I do not know whether
the name and address are ever verified; in this country I would imagine
not.
It is all well and good that they can extensively track an individual
card, and where it has malfunctioned, and that this card can be bought
anonymously, but naturally my privacy breaks down when they take my
name and address, which they can (in principle) match it to the card's
audit trail to get a partial track of my calling activities.
But given that such card malfunctions are an unusual occurrence,
related perhaps to the recent spate of subzero (fahrenheit) weather, it
does not seem to me to be an undue threat to my privacy.
Nonetheless, can anyone suggest some ideas that I might take to the
phone company to permit them to make the same checks but with a higher
level of privacy? Or should I just give them a bogus name and see if
it ever causes a problem (in the form of, for example, more intrusive
checks before issuing refunds)?
* Fred Baube(tm), GU/MSFS/88 baube@optiplan.fi
------------------------------
End of Computer Privacy Digest V4 #034
******************************
.