Date: Sun, 29 May 94 16:33:14 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V4#073
Computer Privacy Digest Sun, 29 May 94 Volume 4 : Issue: 073
Today's Topics: Moderator: Leonard P. Levine
Digicash PR
Where Can I Find PGP?
Covert Communication
Privacy Petition Request - Political
Re: Encryption in The Netherlands
Re: Encryption in The Netherlands
Re: Employee looking up your license plate number
Re: Privacy of Employee eMail at Private Businesses
Re: Anonymous Phoning
CPD will be down for a Week
The Computer Privacy Digest is a forum for discussion on the effect
of technology on privacy. The digest is moderated and gatewayed into
the USENET newsgroup comp.society.privacy (Moderated). Submissions
should be sent to comp-privacy@uwm.edu and administrative requests
to comp-privacy-request@uwm.edu. Back issues are available via
anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp"
with password "yourid@yoursite". The archives are in the directory
"pub/comp-privacy". Archives are also held at ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: Dave Banisar <banisar@washofc.epic.org>
Date: 26 May 1994 14:19:24 EST
Subject: Digicash PR
Organization: Electronic Privacy Information Center
Date 5/26/94
Subject Digicash PR
From Dave Banisar
To Cypherpunks List
Digicash PR
Thought this might be of some interest.
dave
---------------------------------------------------------------
DIGICASH PRESS RELEASE
World's first electronic cash payment over computer networks.
=============================================================
FOR IMMEDIATE RELEASE
(Release Date: May 27, 1994)
----------------------------------------------------------------------
Payment from any personal computer to any other workstation, over email
or Internet, has been demonstrated for the first time, using electronic
cash technology. "You can pay for access to a database, buy software or
a newsletter by email, play a computer game over the net, receive $5
owed you by a friend, or just order a pizza. The possibilities are
truly unlimited" according to David Chaum, Managing Director of
DigiCash TM, who announced and demonstrated the product during his
keynote address at the first conference on the World Wide Web, in
Geneva this week.
Electronic cash has the privacy of paper cash, while achieving the high
security required for electronic network environments exclusively
through innovations in public key cryptography. "It's the first
software only solution. In the past we've pioneered such cash for chip
cards and electronic wallets, always with a tamper-resistant chip for
storing the value--now all you have to do is download the software and
you're up and running" continues Dr. Chaum.
The product works with Microsoft(R) Windows TM, Macintosh TM, and most
UNIX TM platforms. It was shown integrated with Mosaic, the most
popular software for people accessing databases, email, or other
services on the Internet and World Wide Web. The graphic user interface
allows intuitive "dragging and dropping" of icons representing stacks
of coins, receipts, record books, etc.
The company will be supplying the technology through other firms who
will release the products, under various cooperation and trial
programs. The user software, which allows both paying and receiving
payment, will be distributed free of charge.
The product was developed by DigiCash TM Corporation's wholly owned
Dutch subsidiary, DigiCash TM BV. It is related to the firm's earlier
released product for road pricing, which has been licensed to Amtech TM
Corporation, of Dallas, Texas, worldwide leader in automatic road toll
collection. This system allows privacy protected payments for road use
at full highway speed from a smart card reader affixed to the inside of
a vehicle. Also related is the approach of the EU supported CAFE
project, of which Dr. Chaum is Chairman, which uses tamper-resistant
chips inserted into electronic wallets.
The underlying 'blind signature' technology was described in the
article "Achieving Electronic Privacy," by David Chaum, Scientific
American, August 1992.
----------------------------------------------------------------------
For more information contact:
DigiCash bv info@digicash.nl
Kruislaan 419 tel +31 20 665 2611
1098 VA Amsterdam fax +31 20 668 5486
The Netherlands
----------------------------------------------------------------------
------------------------------
From: mb2@kaiwan.com (Mark Brown)
Date: 27 May 1994 23:24:06 -0700
Subject: Where Can I Find PGP?
Organization: KAIWAN Internet (310/527-4279,818/756-0180,714/741-2920)
I was under the impression that PGP was availible via ftp. After doing
an archie search I tried four different sites and the only thing I
could find were doc and text files relating to PGP but I can't seem to
find the program. Does anybody know where I can find it ?
------------------------------
From: thebry@delphi.com
Date: 28 May 94 22:16:33 -0500
Subject: Covert Communication
Organization: Delphi (info@delphi.com email, 800-695-4005 voice)
A novel is being written about a future that is governed by a police
state. Communication is via the internet and must be covert. If you
would like to participate, email FuturePlot-request@peti.GUN.de and
leave the subject blank and type Subscribe (or Add) in the body. Wait
a couple of days for info.
------------------------------
From: nzook@bga.com (Nathan Zook)
Date: 29 May 1994 20:44:02 GMT
Subject: Privacy Petition Request - Political
Organization: Real/Time Communications - Bob Gustwick and Associates
Sorry for the delay, folks!
I need your signatures by 2100 hrs, 08 June 94. You will notice that I
have broken things down considerably. Thanks to David Smith of Austin
EFF for guidance, and Realtime Communications for technical support!
This is an e-mail petition drive. Please crosspost to all who may be
interested!!
I shall not use this list for solicitation, nor shall I release this list
to anyone who does not agree not to release this list, and not to use it
for solicitation. Exception: I shall present this list to every elected
official I can access.
You shall not receive a confirmation notice. A report will be sent to
the newsgroups. Please fill in the support statement with X's in the
appropriate positions. Do _NOT_ delete part of the statement. Please
include the line of astericks in your letter.
You may retrieve the resolutions list, with form letter, my reasons list,
and the Mass bill by anonymous ftp.
ftp ftp.bga.com
Name: anonymous
Password: <your address here>
cd pub/misc
get PrResolutions
get PrReasons
get PrMass
quit
Which ever suits your fancy.
To add your name to the petition, snip the form letter at the bottom of
PrResolutions or of this note. Fill it out, and e-mail it to nzook@bga.com.
DO NOT TRIM THE LETTER!!! PLEASE!!!
Just because you are a 16-year old from Brazil doesn't mean that your
signature doesn't count. Please, everyone that supports this, send it
in.
If you want to use this list to influence _your_ state government, e-mail
me at nzook@math.utexas.edu.
I, the undersigned, hearby request that the following resolutions be
added to the platform of the Republican party in the state of Texas, and
that Republican officeholders undertake all legal means to implement
these resolutions:
1) Resolved, that no governmental trapdoor encription standards be
advanced for use in any civilian communication systems. (Clipper chip,
Digital Telephony Act)
2) Resolved, that the Republican party in the state of Texas petitions
Congress that encryption systems or algorithms publicly available outside
the US not be classified as munitions.
3) Resolved, that the Republican party in Texas petitions the US patent
office to reconsider the RSA patent, to narrow its scope to be in line
with the contribution of the authors, and to further the national
interest, in privacy and in commerce.
4) Resolved, that the Republican party in Texas urges the appropriate
agencies to develop and advance a system for secure communications which
fully preserves the privacy of the communicators.
5) Resolved, that the Republican party in Texas petitions Congress that
it adopt a bill patterned after House Bill No. 4491 of the Massachusetts
179th General Court, 1994 Regular Session by Mr Cohen of Newton to reduce
the chance of records being inadvertently made available to persons
without proper authorization.
6) Resolved, that the Republican party in Texas petitions Congress that
it adopt a bill to prohibit the cross-use of ID numbers between legal
entities, except for those purposes in which the use of such a number is
necessary; and that entities requesting or using such numbers without
being able to produce proof of their authority to do so shall be liable
for damages--both in small claims court, and by federal agency; and that
specifically the use of SSNs for driver's licenses, school IDs, or
military IDs shall be prohibited.
7) Resolved, that the Republican party in Texas petitions the Texas
legislature to adopt bills to these effects, adjusted as appropriate.
Nathan Zook (nzook@bga.com)
*****************************************************************************
Notice of support for the privacy resolutions posted by Nathan Zook in
May of 1994:
[ ] I support all seven resolutions.
[ ] I support only the following resolutions:
1 [ ] 2 [ ] 3 [ ] 4 [ ] 5 [ ] 6 [ ] 7 [ ]
[ ] I am a US citizen.
[ ] I am not a US citizen.
[ ] I am a legal resident of this state. (eg:TX,LA or KS; or XX if not US)
[ ] I am this many years old.
[ ] This is a changed statement, please disregard previous notice.
I understand that falsifying a petition may result in legal charges, and
I have not sent a duplicate signature, under any alias, except as noted
above.
------------------------------
From: david@c-cat.PG.MD.US (Dave)
Date: 27 May 94 08:40:43 EDT
Subject: Re: Encryption in The Netherlands
Organization: China Cat BBS (301)604-5976
rcsacw@urc.tue.nl (Christ van Willegen) writes: THe government in
The Netherlands is thinking about a law to make all encryption of
messages and/or files in The Netherlands a criminal offence. They
want to do this because of the encryption used by criminals (so the
police etc. won't read their files).
a big concern here would be with Internet sites in the Netherlands and
the use of the simple ROT-13 encription widely available.
if this law was enacted, what would this effect be for these internet
sites that would pass along information say for example a ROT-13
excripted joke from the U.S. in rec.humor.funny
would this be illegal or accepted ?
David R. Ristau
========================
david@c-cat.pg.md.us
uunet!anagld!c-cat!david
------------------------------
From: R._Braithwaite-Lee@magic-bbs.corp.apple.com
Date: 27 May 1994 16:06:02 EST
Subject: Re: Encryption in The Netherlands
Organization: M A G I C
To: rcsacw@urc.tue.nl (Christ van Willegen) The government in The
Netherlands is thinking about a law to make all encryption of
messages and/or files in The Netherlands a criminal offence. They
want to do this because of the encryption used by criminals (so the
police etc. won't read their files). ...SNIP... Then, there was a
letter to a newspaper consisting of 2 paragraphs. The first was
(it seemed) a random collection of characters, the second said:
"Now, let THEM try to prove if the above is garbage or an encrypted
message (note that that's impossible to prove). Anyone have
anything to say on this subject?
Actually, the message you describe *is* definately an encrypted
message. So is this post. Any message can be transformed into another
message of the same length with the correct one time pad.
Regards,
Reginald !:-)
Public Key Fingerprint: D8 B8 C1 D0 DD 56 20 B4 06 A2 81 83 87 E8 8B 64
(Send message with subject "HELP" to pgp-public-keys@pgp.ox.ac.uk)
please cc: all replies and follow-ups to 73114.2055@compuserve.com. Thanks!
------------------------------
From: jmm@elegant.com (John Macdonald)
Date: 26 May 1994 12:41:15 -0400 (EDT)
Subject: Re: Employee looking up your license plate number
dwn@dwn.ccd.bnl.gov (Dave Niebuhr) said: Are you sure it was from
the plate? Most government agencies that I know of routinely issue
a sticker to facilitate entrance and exit from the site. This is
also true for my daughter's truck that she uses to go back and
forth from college. I'd suspect that the sticker was used.
It might even be simpler than that - there have been a couple of
companies that I worked for that asked (not required) that you just
tell them the license plate of your car when you started working with
them. (It has been a frequent item on visitor registration forms when
I'm at customer sites.) In my first job at Control Data, there were a
number of times when I got a phone call from the front desk to tell me
that I'd left my headlights on - so, against the disadvantages of loss
of privacy you have to trade the advantages and decide which is likely
to be more significant.
--
That is 27 years ago, or about half an eternity in | John Macdonald
computer years. - Alan Tibbetts | jmm@Elegant.COM
------------------------------
From: eck@panix.com (Mark Eckenwiler)
Date: 26 May 1994 16:34:29 -0400
Subject: Re: Privacy of Employee eMail at Private Businesses
Organization: Superseding Information
bernie@fantasyfarm.com sez: Many of us have long been pointing
out/arguing that employees should expect *NO* privacy when using
company computer resources [unless given assurances of such
privacy].
To expand/clarify: by its own terms, ECPA applies only to providers of
electronic communication services *to the public*, so it isn't
applicable in the employer/employee context.
Title III is arguably relevant -- it certainly covers e-mail as well as
telephone communications -- but there are two reasons it's not a useful
remedy in most cases. First, existing caselaw leans heavily toward
interpreting "interception" as being limited to unlawful acquisition at
the time of transmission. This excludes the case of an employer
invading your mailbox to read messages that have already arrived. This
means that unless your employer's mailer daemon is set up to make a
copy of messages _en route_ (or some similar mechanism is in place to
grab communications when sent), the courts are unlikely to find a Title
III violation.
Second, section 2511(2)(d) permits interception with consent.
"Consent" can be manufactured by the owner/operator simply by notifying
users that email may be inspected. In this regard, employees are no
better off than prisoners using conspicuously marked tapped phones in
the local joint.
FYI, Sen. Simon of Illinois has in recent sessions repeatedly sponsored
the Privacy for Consumers and Workers Act, which (while not prohibiting
surveillance by employers) imposes some limits on the manner of
employee monitoring and the types of data that may be collected. The
House version of PCWA was approved for full committee action in the
Education and Labor Subcommittee on 2/23/94.
Note followups to comp.society.privacy.
------------------------------
From: R._Braithwaite-Lee@magic-bbs.corp.apple.com
Date: 27 May 1994 17:58:17 EST
Subject: Re: Anonymous Phoning
Organization: M A G I C
Hello:
I recently subscribed to Bell Canada's "PrimeLine" service which
provides users with a 'virtual' telephone number. You get an incoming
number which you forward to you home or business. It also takes
voicemail messages for an extra $6.00 a month.
There is an extra feature which allows you to make outgoing anonymous
calls. If you call in for messages, you can press "9" to get an
outbound line. This feature is for the convenience of users who are
calling from a phone booth--they can pick up a message and immediately
return the call w/o putting another quarter in the booth.
Since the call is routed through Bell's switch, the receiving party has
no idea where you're calling from. I use this at home when making
certain kinds of calls.
Regards,
Reginald Braithwaite-Lee
Public Key Fingerprint: D8 B8 C1 D0 DD 56 20 B4 06 A2 81 83 87 E8 8B 64
(Send message with subject "HELP" to pgp-public-keys@pgp.ox.ac.uk)
please cc: all replies and follow-ups to 73114.2055@compuserve.com. Thanks!
------------------------------
From: Prof L. P. Levine <levine@cs.uwm.edu>
Date: 29 May 1994 15:58:17 CST
Subject: CPD will be down for a Week
Your moderator (me) will be at the Spring Internet World meeting in San
Jose so this will be the last posting until 6/7/94.
------------------------------
End of Computer Privacy Digest V4 #073
******************************
.