Date: Wed, 26 Oct 94 11:39:48 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#053
Computer Privacy Digest Wed, 26 Oct 94 Volume 5 : Issue: 053
Today's Topics: Moderator: Leonard P. Levine
Re: How to Verify Your Phone Number
Re: How to Verify Your Phone Number
Re: The Mother of All Utility Bills
Oceania Bill of Rights
Re: Eastwood Door Problem
Planting "Mistakes" to Guard Copyright.
We can Communicate with Each Other
Re: Cellular Phone Fraud Revisited
Tempest Restrictions in USA
A Tempest Paper
Info on CPD, Contributions, Subscriptions, FTP, etc.
----------------------------------------------------------------------
From: "J. A. Viehweg" <jviehweg@ahhgo.com>
Date: 24 Oct 1994 21:21:50 -0500 (CDT)
Subject: Re: How to Verify Your Phone Number
> 1 800 MY-ANI-IS yields the correct number from here in 301-land.
This number works for 708 (Naperville, IL) *67 worked as well.
Dialing "958" did not work.
While testing it, I misdialed and got a message something like: "You
have dialed a personal 800 number, not a business. Please enter the
pin." This is the first time I have heard such a message. What I am
wondering is if you can get a "private" 800 number for a business as
well?
/----------------------------------------------------------------------\
| I read recently that human beings use only 15% | Jaime A. Viehweg |
| of their brains capacity. Makes you wonder | |
| what they do with the other 75%. | jviehweg@ahhgo.com |
|----------------------------------------------------------------------|
| Disclaimer: It's my system, so what I say goes! |
\----------------------------------------------------------------------/
------------------------------
From: David Beiter <0006351762@mcimail.com>
Date: 24 Oct 94 22:06 EST
Subject: Re: How to Verify Your Phone Number
When I tried MY-ANI-IS, it returned 606-387-0000.
However I called from 606-376-3137.
606-376 is Stearns, Kentucky, serviced by Highland Telephone
Cooperative, Inc., of Sunbright, Tennessee. Not a big outfit, since
the two Tennessee and one Kentucky counties which constitute its entire
service territory have a aggregate population of about 50,000.
606-387 is Albany, Kentucky, a couple counties away and serviced by GTE
South.
Any ideas of what is happening???
It works as advertised from 606-348 in Monticello, Kentucky, in the
intervening county. GTE South territory.
Back at 606-376, the 958 option yielded "You have called a number which
has been disconnected or is no longer in service". I'll try this again
when I visit GTE South country.
And that's the ANI story from here,
on the edge of _,,-^`--. byter@mcimail.com
The Boonies .__,-' \ David P Beiter
halfway between _/ ,/ 1/2 Fast Road
Slavans & (__,---------*-'' Ritner, KY 42639
Freedom via canoe. ^Ritner, KY 606/376-3137
------------------------------
From: centauri@crl.com (Charles Rutledge)
Date: 24 Oct 1994 19:40:01 -0700
Subject: Re: The Mother of All Utility Bills
Organization: CRL Dialup Internet Access (415) 705-6060 [login: guest]
Date: 21 Oct 1994 13:08:57 -0500 (CDT)
From: "F. Barry Mulligan" <MULLIGAN@ACM.ORG>
Subject: "The Mother of All Utility Bills."
from The Atlanta Constitution, Tues 18 Oct 1994, p.1, by
Christopher C. Warren Imagine a single monthly statement listing
all utility charges, including phone, cable, gas, electricity,
water, garbage collection and sewerage charges. It could be the
mother of all utility bills and would allow consumers to write only
a single check for all their services. One Check, as the proposal
is being touted, would ease consumer's household management by
reducing utility bills to one monthly payment, said Maureen Bailey,
vice president of public affairs with American Express, the company
proposing the service.
As a resident of the test market, I was a little shocked that American
Express was trying to gain yet another foothold on my life. A friend
of mine who helped write parts of the Georgia Power billing software
said that there are incentives for the utilities to move this way
(mostly to pawn off the hassles on someone else). Of course the bit
about the utilities sharing the cost is just window dressing, since
they will enevitability pass their costs onto us.
Risks? A little late with one payment and you're instantly in
arrears with every company in town. Billing disputes "still would
be handled through the individual utility companies", but what if
the utility says it didn't get a payment you sent to the service
company? If your combined statement is mailed on the 15th and a
utility transmits a new charge to the service bureau on the 16th,
what happens to the payment grace period? If you've ever had to
rob Peter to pay Paul, how do you deal with Peter & Paul,
Amalgamated?
This actually isn't my biggest concern. The real question seems more
along the lines of who is AMEX going sell this new source of
demographic information to? How will all this information be
protected, if at all, and do I get any choice in the matter?
Perhaps the real question is 'Do I want to give a complete,
itemized description of all monthly utility consumption to American
Express?' (and pay for the privilege).
The Gwinnett County Commission has said that participation is
voluntary, though I gather paying the costs won't be. How long it
remains voluntary is anyone's guess. If this works out for the
utilities and county government, it's unlikely they'll want to maintain
two billing methods and force the holdouts into the AMEX system. And,
as is always the case with a government sponsered monopoly, if we don't
like -- too bad.
For now, my vote is not to participate and wait and see.
--
Charles Rutledge | Liberty is a tenuous gift. Hard to win, easy
centauri@crl.com | to give away, and no will protect it for you.
------------------------------
From: oceania@terminus.intermind.net (Eric Klien)
Date: 24 Oct 1994 21:31:21 -0700
Subject: Oceania Bill of Rights
Organization: Intermind Online Services
"D.The Right to Encryption: An Oceanian has the Right to encrypt eir
conversations and data. Such encryption cannot be used as evidence that
the Oceanian is doing something wrong or illegal. This Right extends to
all forms of information an Oceanian deems should be secure regardless
of format, whether paper, electronic, holographic or other, and
regardless of content.
An Oceanian has the Right to use any encryption algorithms or
computer software available. The Government may not restrict free
trade in encryption software by calling it "munitions"."
Did this info interest you? Then it is time that you learned about the
new country Oceania, the sea-city in the Caribbean.
To subscribe to our mailing list, send the message SUBSCRIBE OCEANIA-L
<Your e-mail address> to listproc@butler226a.dorm.tulane.edu.
To get a list of our various files on line, send the command INDEX
OCEANIA-L to listproc@butler226a.dorm.tulane.edu.
------------------------------
From: rj.mills@pti-us.com (Dick Mills)
Date: 25 Oct 94 08:54:41 EDT
Subject: Re: Eastwood Door Problem
Only a couple of commentators picked up on the cardinal rule of
computer ethics discussions. Namely, rephrase the question in a non-
computer setting. Nearly always, this results in discovering an apt
analogy from everyday life, (like the doorman's log), and the
conventional solution, (Some keep logs, some don't, some hold them
private, some don't).
Should the data be kept at all? Obviously, keeping no records sounds
like a simple solution. I would be afraid though, that in our litigous
world, somebody would want to sue us for being negligent if we could
have recorded the burglar's attempts to enter but didn't. The court
might throw it out, but it might not.
Another solution could be to not keep the records permanently, but
rather to mail notifications of unauthorized entry to all tenants, then
immediately destroy the central record. This moves custody of and
liability for the data over to the tenants. Of course the data would
have to be recorded at least temporarily until mailed.
Since we're debating theory rather than practicality, we can imagine a
more secure system in which the entry transaction notification messages
were encrypted with each tenant's public key. Then there would be no
chance of unauthorized snooping, or of a court subpoena for the
records.
But even such a secure system could cause trouble. Suppose I came home
one night rather tipsy and mistakenly tried to gain entry to the
building next door to mine. A doorman or a passer-by seeing my
condition would probably offer me assistance in finding the right
door. Tenants who received notice in the mail about my attempt, but
not knowing the circumstances, might report me to the police. That
could cause me actual damage. I might be tempted to sue the computer
owner for harassment.
That brings us to the underlying point. Machines can never be as humane
as humans (why should that take insight to see?). Whenever we allow the
machines to encroach on domains which heretofore were exclusively
human, the result is friction and problems.
In the end, the best advice is probably the simplest. Record nothing,
observe nothing, make it simulate the old unintelligent metal key.
Ps. Might the recently enacted "stalking" laws change the legal
definition of what is private and what is public? If I sit in the
street outside someone's home and record their comings and goings, I
may be guilty of stalking. Would I be less guilty if I let a machine do
it for me?
------------------------------
From: "/DD.ID=OVMAIL1.WZR014/G=DANIEL/S=STICKA/"@EDS.DIAMONDNET.sprint.com
Date: 25 Oct 1994 10:02:58 -0400
Subject: Planting "Mistakes" to Guard Copyright.
The practice of planting addresses in a mailing list to guard against
unauthorized re-use is similar to the map publishing trick of printing
fictitious cities that would be recognized on an illegal copy. That
trick always struck me as a bit risky: "Yes, honey, I know I'm almost
out of gas, but the atlas shows Fort Smelly is just ahead."
--
Dan Sticka
Dallas
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Oct 1994 07:08:56 -0500 (CDT)
Subject: We can Communicate with Each Other
Organization: University of Wisconsin-Milwaukee
Date: 25 Oct 1994 19:36:14 -0700
Reply-To: marsha-w@uiuc.edu
Originator: cpsr-global@cpsr.org
From: marsha-w@uiuc.edu (Marsha-W)
To: Multiple recipients of list <cpsr-global@cpsr.org>
Subject: we can communicate with each other
Roger Rydberg of CPSR Minnesota found the following quote:
I think the electronic communication may be one of the hopes of the
human race. That we can communicate with each other without having to
depend on the ruling class telling us what we must think. That
ordinary folks all around the world will be getting in touch with each
other by computers and fax and telephone and so on. This makes me
optimistic. On the other hand I'm essentially a super conservative
person. If I'd been around when somebody was inventing the wheel I
would have said, "Don't."
--
Pete Seeger
interview on KSJN FM
Minneapolis, MN
January 21, 1994
------------------------------
From: Mike Crawford <crawford@scipp.ucsc.edu>
Date: 24 Oct 1994 22:48:59 -0700
Subject: Re: Cellular Phone Fraud Revisited
It seems to me that anyone could make a good business of selling
semi-secure cellular channels.
An encryption device would be installed in a cellular phone. The
cellular customer would dial a certain number. After the number
answers, the customer dials the number they actually want to reach.
The security provider decrypts the call and places it onto the phone
system in the clear.
This would at least get around casual scanning. I would be quite
astounded if there weren't people in Silicon Valley and other
industrial or governmental centers, who listen to and tape every phone
conversation, and then sell secrets, stock tips, and evidence of
illicit affairs on the market. Such folks would at least have to learn
how to tap a real phone - thus driving the high school kids out of the
market and leaving it to the professionals to whom espionage rightly
belongs ;-)
Such a provider would be obligated by the DT bill to provide the key to
the cops... but if one manufactured a device for doing this - it would
basically be a modem with a single-board IBM PC attached, that booted
entirely off its ROMS - then those unwilling to trust a service could
buy one to place in their home, office, or subverted payphone booth.
Let us at least have casual privacy for regular people.
Mike Crawford | Doing Business with PGP FAQ Maintainer
crawford@scipp.ucsc.edu | E-mail me if you accept encrypted credit card orders
crawford@maxwell.ucsc.edu <-- Finger Me here for Public Key, ID 4A E9 76 39
------------------------------
From: kadokev@ripco.com (Kevin Kadow)
Date: 24 Oct 1994 21:04:50 -0500 (CDT)
Subject: Tempest Restrictions in USA
jOelm@eskimo.com (Joel McNamara) writes: I just finished Winn
Schwartau's "Information Warfare." In the van Eck chapter, a
source makes the following statement, "In the United States, it
is illegal for an individual to take effective countermeasures
against Tempest surveillance." This is attributed to a
privately circulated document by Christopher Seline, titled
"Eavesdropping on the Electro- magnetic Emanations of Digital
Equipment: The Laws of Canada, England, and the United States"
(June 7, 1990).
is there any statute or case law listed in the book. I met Winn,
and while he is a nice guy, some of his facts and reality base are
a little off.
I believe that he may be referring to ACTIVE countermeasures by
generating extra RF static- that could be covered by FCC regulations,
but it would be ludicrous for them to try to restrict LOWERING of RF
noise output.
--
KADokev@ripco.com Kevin Kadow
FREE Usenet/Mail, inexpensive Internet - Ripco... Wearing white hats since 1983
Dialup:(312) 665-0065|Gopher:gopher.ripco.com|Telnet:foley.ripco.com ('info')
------------------------------
From: david.m.kennedy@CEORD-PM.mail.usace.army.mil
Date: 25 Oct 94 19:55:31 Z
Subject: A Tempest Paper
TEMPEST.TXT (45K) is available by anonymous ftp from: csrc.nist.gov in
directory pub/secpubs
For modem users: (301) 948-5717 speeds up to 28.8
Winn's book is on my stack of "to read" and I didn't find the passage
Joel was referring to flipping through it during half-time last night.
TEMPEST.TXT states, I believe correctly, that it is illegal to posess
some types of specialized electronic evesdropping equipment necessary
to intercept tempest-type, e.g. Van Echt, emanations. *If* Winn states
it is illegal to protect your equipment, that is derived from the
inability to legally check your own equipment due to above limitation,
or that the US government's standards for emanations is classified. To
my personal knowledge, it is not illegal to shield your equipment. I
believe there are vendors, particularly in the D.C. area who specialize
in selling systems that meet US gov't standards.
Opinions are mine and don't reflect official positions etc....
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Sep 1994 12:45:51 -0500 (CDT)
Subject: Info on CPD, Contributions, Subscriptions, FTP, etc.
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions generally are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V5 #053
******************************
.