Date: Sun, 06 Nov 94 08:51:51 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#058
Computer Privacy Digest Sun, 06 Nov 94 Volume 5 : Issue: 058
Today's Topics: Moderator: Leonard P. Levine
Digital Signature Alternatives
Dutch TV Wants Info on Privacy Invasion
Re: Planting "Mistakes" to Guard Copyright
Re: Mother's Maiden Name
Discover Card Code?
Digital Telephony
Re: Driver's License as universal ID
Corporate Electronic Communications Policy
Re: Again, Securest Cordless Phones
Re: Email Privacy Alert
NTIA Virtual Public Conference, an Invitation
Info on CPD, Contributions, Subscriptions, FTP, etc.
----------------------------------------------------------------------
From: Bob Bales <74774.1326@CompuServe.COM>
Date: 04 Nov 1994 03:05:18 GMT
Subject: Digital Signature Alternatives
Organization: National Computer Security Association
Hospitals, banks, insurance companies and other organizations are
looking to replace paper with electronic documents, but they need a way
to "sign" those documents for legal and control purposes.
A new paper written by noted author, attorney and electronic commerce
expert Benjamin Wright considers the practical features of two
alternative signing methods: smart-card based public-key cryptography
and PenOp, a pen computer technology that captures handwritten
autographs. Wright argues that PenOp holds certain advantages over
public key cryptography.
If you would like to receive a copy of this paper, please send me an
EMail to which I can simply "reply"; I'll send you a copy.
--
Bob Bales | CompuServe InfoSec Forum: GO NCSA
Natl Computer Security Assoc| Phone: 717-258-1816
10 South Courthouse Avenue | Fax: 717-243-8642
Carlisle, PA 17013 | Email: 74774.1326@compuserve.com
------------------------------
From: groenewo@fwi.uva.nl (Ferry van het Groenewoud)
Date: 04 Nov 1994 15:28:43 GMT
Subject: Dutch TV Wants Info on Privacy Invasion
Organization: FWI, University of Amsterdam
A Dutch television program is looking for existing, well-documented
examples of privacy invasion by either the goverment, employers or
other parties. Cases of employers invading the privacy of employees at
the workplace by whatever means (wiretap, reading personal mail) are
preferred.
If you respond on the latter subject, please state in what way the
privacy of the employee was invaded, and what the consequences were.
Veryfiable stories will be considered only.
Similar demands hold for the subject of privacy invasion by other
parties.
All information will be treated confidentially. Anyone who responds
will remain anonymous, also when this item will be broadcasted.
Respond by E-mail only to groenewo@fwi.uva.nl or by replying to
this message.
--
Ferry van het Groenewoud
------------------------------
From: daf1@cec.wustl.edu (Danyel A Fisher)
Date: 04 Nov 1994 12:32:53 -0600
Subject: Re: Planting "Mistakes" to Guard Copyright
Organization: Washington University, St. Louis MO
How does one tell an illegal copy from a legitimate one, when
the legitimate copy contains the fictitious city?
One local map printer lists important features in places where they
shouldn't be. An example is the high school which is shown mixed
up with an elementary school. Another is the nearest Coast Guard
Station closer to a main road than the bay it sits beside. A third
is an historical site is listed where a Native American Reservation
is located yet neither is tied to the other in any way.
Well, we should distinguish between "incompetent" mapmakers and "copy
protected maps". Adding the town of nowhereville in the middle of the
mojave desert is copy protection (or adding on asuburb to long
island....), but messing up parts of the city is entirely another.
That defeats the purpose of the map: to provide information and travel
directions. Your local map fails to do so. Either your city council
doesn't want anyone to visit, or the map printer is clearly
incompetent.
Similarly, some of the Washington, DC tourist maps, in their attempts
to "unclutter" and simplify te complex connections to the city, have
lost all realism: removing major arteries, striking out one-way
indicators (or, worse, reversing them!), and making clear copying
mistakes. [Rand McNally has "George St." cross "Smith Parkway." Brand
X, copying clumsily, has the "George Smith Parkway" not crossing any
streets!]
I'm sure the same thing happens in other states and places.
--
Danyel
------------------------------
From: Barry Margolin <barmar@nic.near.net>
Date: 04 Nov 1994 16:01:36 -0500
Subject: Re: Mother's Maiden Name
Organization: NEARnet, Cambridge, MA
snorthc@relay.nswc.navy.mil (Stephen Northcutt) writes: So, why is
my mom's maiden name getting so important?
If someone steals your wallet they'll get your Social Security card and
credit cards, so they'll know all the important numbers. It's unlikely
that your mother's maiden name is written down anywhere that a thief
would find it, so it's a common identity check.
--
Barry Margolin
BBN Internet Services Corp.
barmar@near.net
------------------------------
From: steve@owlnet.rice.edu (Steven Minor McClure)
Date: 04 Nov 1994 23:00:30 GMT
Subject: Discover Card Code?
Organization: Rice University, Houston, Texas
Stephen Northcutt <snorthc@relay.nswc.navy.mil> wrote: ...
Yesterday, Discover (with whom I have had an account for 5 yrs)
wrote and asked for my SSN, DOB, and mother's maiden name.
Did you notice the patch of seemingly random dots on the front of the
form?---probably your account number encoded somehow.
Except it looks like there's enough detail there to store way more than
the 16 or so digits of the account number.
Anybody know what algorithm they might be using (or what else might be
stored there?) ?
--
STeve
------------------------------
From: ghodur@netcom.com (Gayle Hodur)
Date: 04 Nov 1994 23:19:20 GMT
Subject: Digital Telephony
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
I have tried through several online legislation databanks to find out
what happened to the DT bills after they reached the president's desk.
Did he sign them into law or not? Locis and some of the other bill
tracking services are not updated frequently enough to help me. If
someone knows the results on these bills, please inform.
S 2375
HR 4922
--
ghodur@netcom.com
------------------------------
From: docjoe@delphi.com (Joseph E. Nelson)
Date: 05 Nov 1994 01:08:25 GMT
Subject: Re: Driver's License as universal ID
Organization: Delphi Internet Services Corporation
It makes me wonder. In a year or two, I will be getting my New York
license which will have a magnetic strip. Should I sabotage it even
before I have the opportunity to have it read? How many people will I
P.O.
____________________________________________________
| Joseph E. Nelson, DMD | Rural Dentist |
| docjoe@delphi.com (preferred) | Greene, NY 13778 |
| 75122,3062@compuserve.com | LT, DC, USNR-R |
----------------------------------------------------
------------------------------
From: rj.mills@pti-us.com (Dick Mills)
Date: 05 Nov 94 09:50:33 EST
Subject: Corporate Electronic Communications Policy
The following is a corporate policy proposed for adoption at my
company. The purpose of the policy is to protect the company from
lawsuits. The fear of lawsuits was prompted by press reports of
workers in California who sued because their company had inspected
their "private" email records. What do followers of comp-privacy
have to say about this policy as written?
_Electronic Communication Policy_
Electronic communications, including electronic mail,
voice mail, facsimile and all other forms of electronic
media are company-owned resources, and are provided as
business communication tools.
Employees who use the electronic media for personal use
do so at their own risk and expense. [Company] will
share no responsibility for incidents of harassment,
sexual harassment, slander, malice, defamation of
character or other civil or criminal actions which occur
or are alleged to have occurred through the personal use
of [company] electronic communications. The
responsibility for and the defense against such actions
or claims is solely that of the individual.
[Company] reserves the right to review all electronic
records and communications, although it not the intent
to do so except for legitimate business reasons. The
message originator's department manager and corporate
officers are the only individuals authorized to review
these messages except with specific written permission
from the president. The message originator will be
notified as soon as possible if messages are reviewed.
Electronic messages should be drafted with the same
thought and concern devoted to written or verbal
communications, and there can be no guarantee of privacy
for electronic communications. Please exercise good
judgment when using these media.
Improper use of [company] electronic communications may
result in disciplinary action up to and including
discharge from employment.
------------------------------
From: Shawn Leard <71370.2551@compuserve.com>
Date: 06 Nov 94 02:16:40 EST
Subject: Re: Again, Securest Cordless Phones
CHRISDENNIS@delphi.com writes: A few weeks ago, there was a small
discussion of the most secure cordless phones available to
consumers. However, I don't believe much else was said other than
the new Motorola "secure" phones can be easily scanned.
I, and other readers I'm sure, would like to know what is the
securest on the market in the 900MZ range. And preferably under
$300 street! ;-) Or at least please point me in the right direction
on where to look for this info.
Your best bet would be the Uniden with "spread Spectrum." This being
the closest you can get to that of a standard hard wired phone
(security wise) and still have the freedom of a cordless. The problem
with the so called "digital encryption" that so many cordless phones
use is this is no more than simple phase inversion in most cases. In
other words useless. Even with this so called security it is still
quite easy for someone to intercept your conversations and listen in.
The fancy phrases that refer to X number of secured channels and the
like have nothing to do with protect your conversation. The purpose of
this is in the event you would leave your handset out of the base
someone could not stand outside with their cordless and access your
base. This still could be done but it would require some work though.
Best Regards,
Shawn
------------------------------
From: Richard Threadgill <richardt@remarque.berkeley.edu>
Date: 04 Nov 1994 10:42:36 -0800
Subject: Re: Email Privacy Alert
After the recent posting from Mr Henderson's Journalism class regarding
the authentication (or lack thereof) of electronic mail systems in
current network computing systems, I sent them the following message,
which I also wish to share with the larger community. In it, I discuss
the comparisons between the existing postal, telephone, and electronic
mail systems, and their levels of security and authentication.
As a subscriber to the Computer Privacy Digest, I recently recieved a
copy of a message your class sent under a falsified return address.
You, and your students, appear to be under the mistaken impression that
this ought to be a difficult and complex task. I wish to draw your
attention to a number of observations about the strength of return
identification in the physical world, and perhaps suggest some
parallels for thought in the electronic world.
Let us start with the physical postal system. Your normal run of the
mill postal letter may have up to four identifying elements: A
postmark, indicating the major-city-of-origin; a return address on the
outside of the envelope; a postal purchase code (in lieu of a stamp -
this is identifying because the postal code a firm uses is tied to that
firm); any identifying information inside the letter which claims to
identify the sender. As well, there are two reciever identifying
elements: The address on the ouside of the letter, and any directive
information inside. Now, let's consider the security of each of these
elements. We generally assume the postmark is fairly trustworthy, and
courts have accepted it as a proof of date and location. It is a
federal postal crime to muck with the postmark, and I believe they are
rarely falsified. However, if I mail an envelope to the postmaster of
a major city, with valid postage, which contains a second envelope,
also properly stamped, they will postmark the internal envelope and put
into the postal delivery system. This may be considered comparable to
existing electronic anonymous remailing systems. The postal purchase
code also helpfully dates the envelope - allowing simple falsification
of the postmark which it generates (the dates are entered manually into
the stamping device; such stamping devices are a routine piece of
business equipment). Again, not what we would call a high trust
device, just one which people rarely think to falsify. A return
address on the outside of the envelope is similarly uninformative -
many organizations and individuals do not even place one on their
outbound mail! Finally, there is the return information inside the
envelope. This, of course, is not verifiable, nor should it be, as
that involves an unacceptable level of intrusion by the postal process
into the process of delivery of mail, namely routine examination of the
content of mail. I should not need to explain the dangers inherent in
that to a Journalism class.
Before comparing this to the constraints of electronic mail, let us
also consider the telephone system. Many people think of electronic
mail as being much more similar to telephone calls than to postal mail
because of the immediacy of electronic mail composition and delivery.
However, or rather, thus, let us consider the telephone system as
well. A normal telephone call contains no return information
identifying the originator at all. This is changing as regions begin
to offer caller-id technology, but even then that is a situation where
the system reports the (logical) address of the originating device (the
calling telephone) while giving no information at all about the actual
calling party. It is presently believed to be technologically
difficult to falsify this information, but I would humbly suggest that
it is simpler to persuade a telephone switch to falsely report the
calling number than it is to insert a parcel into the postal system, as
inserting a parcel requires a fair bit of physical stealth while
modifying the behavior of a phone switch requires only electronic
finesse. Thus, phone systems rely on the content of the message (the
caller identifying themselves) to identify the sending party, and to
provide return address information (if any). This has become a real,
significant problem in the political and charity arenas. I once
recieved a phone call from an (alleged) charity organization which went
to great pains to encourage me to believe that they were affiliated
with my local police department, but which admitted, when pressed, that
they had no such affiliation at all. Most of the people they
canvassed, I feel fairly confident in saying, were probably duped by
the name of their organization and the automatic level of trust placed
in any organization identifying itself as related to law enforcement.
One final note about the telephone system: While we must of course rely
on the caller's honesty when they are unknown to us, we generally
believe that we can trust our own ability to recognize someone's
voice. This is not always reasonable, however, whether because the
calling party is someone we do not often hear from, has a health
problem affecting their voice, or because someone has actually gone to
some effort to disguise their voice as an act of misdirection. That
may sound far-fetched, but I encourage you and your students to
consider how many of their casual acquaintances can be mistaken for one
another on the telephone. I suspect many of us have had the unsettling
experience of making dinner plans or the like, only to discover that we
had been speaking with the roommate of the person we were tryingt to
reach!
This brings us to the electronic realm. There are a number of
identifying elements, all of which can be falsified with varying
degrees of effort. There is a comprehensive trail of machines which
have touched the piece of mail, including timestamps and hopefully
unique message identifiers. There is a From line which is normally
generated by the originating mailer, but which may be modified in rare
cases by downstream mailers in an attempt to ensure that the recipient
can return mail by using the address in the >From line. There is often
a return address (a Reply-To line) which the user or originating mail
software adds in an attempt to second-guess the mailers which will
handle the mail. There is also an additional From line in the envelope
of the message which describes the userid of the account which
contacted the first mailer in the chain. Finally, there is any
identifying information (well, claims, really) in the body of the
message itself.
Now, all of the information in an electronic mail message is generally
entirely human-editable; for non-smtp systems, it is more annoying to
modify header and origination information, but not inherently less
feasible. Similarly, all of the 'trail' of the message (the lines
indicating what machines recieved and forwarded the message, and at
what time) can be artificially constructed, up to the point at which
the message was inserted into a machine's mail delivery system. Thus,
it is entirey possible for me to falsify not only the return address
information, but also the trail of machines through which a message
passed, to lend credence to the false sending address.
This tells us that the degree to which we can trust that a piece of
electronic mail came from the source which the message claims is very
low. However, a cursory examination of other message delivery systems
betrays that they don't fare very well either! I don't know to what
degree people (in practice) trust an email message to have come from
the claimed sender any more than they trust that a phone call came from
the person or organization who claimed to call ('Hi, I'm from Bank of
America, we're trying to straighten up a billing problem with your visa
account, number xxxx-xxxx-xxxx-xxxx, could you please give us your date
of birth and mother's maiden name so that we can confirm that you are
the cardholder? Thank you, now on your last bill - I'm sorry, I have
another call, can I call you right back? Thank you'), but the
underlying problems all stem from trusting message systems to be
verified when they aren't. Moreover, no useful message system *can be
completely verified.*
Which brings us around to the standard observatoins on postal fraud:
1. Protect yourself
2. Never send money based solely on a phone call
(this may be considered comparable to 'never send money based solely
on a piece of electronic mail)
3. Above all else, remember that a caller (or sender of mail) may not
be who they say they are, and that the apparent origin of the message
may be entirely falsified.
I hope this will provide you and your students with both some
stimulating thought and some awareness of the lack of security in our
existing message systems. Further, I would suggest that the utility of
insecure messaging systems (which ease establishing initial contacts
and which allow us to conduct communications with great ease) far
outweighs the utility of completely secure message systems *in almost
all circumstances.*
--
Richard Threadgill
Network Architect
Apple Computer
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 05 Nov 1994 08:24:25 -0600 (CST)
Subject: NTIA Virtual Public Conference, an Invitation
Organization: University of Wisconsin-Milwaukee
I have been asked to co-host the privacy portion of the following
virtual conference. I am sure that each of you is invited to
participate also. For those who do not wish to contribute to the
conference but only wish to see summaries, we will be posting that sort
of material here. For the rest of us, well, read the following:
NTIA Virtual Public Conference
on
Universal Service and Open Access to the Telecommunications Network
The conference will begin on November 14th, 1994, and run through
midnight November 18th, 1994. If there is sufficient interest, it may
be extended an additional week.
At present, you may subscribe to a topic by sending email to the topic
address. Your email address will be saved and you will be added to the
subscription list for the topic. No actual traffic on the topics will
begin until November 14th, though essays by conference hosts will be
sent out a few days before the conference begins.
At this time, if you subscribe to a topic, you will receive an
introductory messsage about the conference. However, your email
address is the only information being retained--do not send any message
destined for a conference topic. You do not need to supply any
information in the subject line or in the message to presubscribe.
If you wait and subscribe to a conference topic when the
conference begins on November 14, 1994, you need to send email to
a conference topic from the account where you want to receive the
mailings. The message should have the single line in it:
subscribe topic your name
where subscribe is a keyword and topic is the name of one of the
following topics: redefus, avail, intellec, privacy, standard,
opnacces. Your name in the above example is strickly for
documentation.
Please use these addresses for subscribing to conference topics:
Redefining Universal Service and Open Access:
redefus@virtconf.ntia.doc.gov
Affordability and Availability:
avail@virtconf.ntia.doc.gov
Interoperability:
standard@virtconf.ntia.doc.gov
Intellectual Property:
intellec@virtconf.ntia.doc.gov
Privacy:
privacy@virtconf.ntia.doc.gov
Universal Service and Open Access for Individuals with Disabilities:
opnacces@virtconf.ntia.doc.gov
This automated reply will not be sent to you more than once per week,
no matter how many times you send to this address.
We are glad to have you with us, and look forward to a productive
series of discussions on this aspect of the National Information
Infrastructure. Please feel free to inspect our information server
at:
http://ntiaunix1.ntia.doc.gov:70/0/press/virtcon.txt
For your convenience, we have included the original conference
announcement below.
THE NATIONAL TELECOMMUNICATIONS AND INFORMATION
ADMINISTRATION (NTIA)
and the
UNIVERSAL SERVICE WORKING GROUP
OF THE INFORMATION INFRASTRUCTURE TASK FORCE (IITF)
announces a
VIRTUAL PUBLIC CONFERENCE ON "UNIVERSAL SERVICE AND
OPEN ACCESS TO THE TELECOMMUNICATIONS NETWORK"
November 14-18, 1994
Background
The National Telecommunications and Information Administration (NTIA)
and the Universal Service Working Group of the Information
Infrastructure Task Force (IITF) will host an electronic, Virtual
Conference the week of November 14-18, 1994.
The Virtual Conference will culminate a year-long effort by the Clinton
Administration to gather information and opinions about the issues of
universal service and open access with respect to telecommunications
and information networks.
The Conference is part of the Administration's initiative to promote
the development of a National Information Infrastructure (NII) and
Global Information Infrastructure (GII). The Administration's report
entitled the National Information Infrastructure: Agenda for Action,
released on September 15, 1993, describes the benefits of networking
technology and the potential for using the NII to create an electronic
commons. The report includes the Administration's goals of extending
universal service to the information infrastructure and using the NII
to conduct government business. In addition, the Administration plans
to issue the Global Information Infrastructure: Agenda for
Cooperation, in December 1994. This report will address universal
service and other issues in the global arena.
The Virtual Conference will be conducted entirely through electronic
networks--using the Internet, dial-up bulletin board access, public
information service providers, and commercial service providers.
Although participants may use their own computers, NTIA and the
Universal Service Working Group seek to facilitate nationwide access by
encouraging public institutions to make their computer facilities
available to the public during the week of the conference.
Information collected during this conference and previously through
field hearings will assist the Administration's ongoing policy
deliberations and may be used in future reports on universal service
and open access.
How the Conference Will Be Conducted
During the week of November 14-18, 1994, NTIA will create a series of
electronic discussion groups. Each topic will have an Internet mailing
list and USENET newsgroup devoted to discussion of the specific topics
and hosted by an expert in the field. Any comments submitted as part
of this electronic discussion will become part of a publicly available
electronic archive. Topics to be discussed at the Virtual Conference
are:
-- Redefining Universal Service and Open Access: What is the
minimum "basket" of telecommunications or information services or
capabilities that all Americans should be able to obtain today?
Which services or capabilities, if any, should be available to all
Americans on an optional basis? What is the relationship between
universal service and open access?
-- Affordability and Availability: Who lacks telecommunications
services and why? Should training in the use of more advanced
network services be available to all who wish it? Who should pay
for such training? How can rural concerns and inner city concerns
best be accommodated under a new universal service concept? How
can government balance the need for universal service with the
benefits of a competitive environment for the telecommunications
industry?
-- Intellectual Property: Does the traditional legal framework for
intellectual property work with digital technology? What are the
respective roles of the government and the private sector in
determining how authors and others who hold intellectual property
rights are reimbursed? Does the current legal framework for
intellectual property rights help or hinder accessibility to
telecommunications and information networks?
-- Privacy: What potential is there for the telecommunications and
information networks to compromise personal privacy? To what extent
will perceptions of reducedprivacy hinder widespread, seamless
access to the telecommunications and information networks?
-- Interoperability: What is the relationship between
interoperability and the concepts of universal service and open
access? What are the respective roles of the marketplace and the
government in determining standards and protocols for
interoperability? What lessons can be learned from past efforts in
standards setting, both domestically and internationally?
-- Universal Service and Open Access for Individuals with
Disabilities: What is the current state of access to
telecommunications and information services for the disabled? How
can such services help the disabled participate more fully in
society? What design concepts for the disabled are transferable to
all users to improve overall network functionality?
Participants in the Virtual Conference are encouraged to review the
following two documents recently issued by NTIA: (1) NII Field
Hearings on Universal Service and Open Access: America Speaks Out; and
(2) Notice of Inquiry (NOI) on Universal Service and Open Access Issues
(written comments in response to this NOI are being received by NTIA
and should be filed on or before December 14, 1994, to receive full
consideration). Both documents already are available through NTIA's
IITF Gopher Server at iitf.doc.gov, dial in to (202) 501-1920, and
NTIA's Bulletin Board Service at (202) 482-1199, ntiabbs.ntia.doc.gov
(telnet, gopher or world-wide web).
Call for "Public Access Points"
Libraries and universities, as well as state and local governments, are
encouraged to make their facilities available to the public. Providing
these public gateways will demonstrate the power of networking and
facilitate access for those who might not otherwise be able to
participate.
If your institution is interested in participating as a "public access
point," please see the attached registration form.
Dates
The Conference will start at 9:00 a.m. Eastern Standard Time (EST) on
November 14, and conclude at 11:59 p.m. EST on November 18, 1994.
During this time period, the Conference will be open for comments 24
hours a day.
For Further Information
Additional information about the Virtual Conference, including
instructions on how to join a topic, may be found on the Conference
Gopher: virtconf.ntia.doc.gov. This information can also be e-mailed
directly to you; send a message to info@virtconf.ntia.doc.gov and you
will receive an automatic reply.
For technical assistance, please contact Charles Franz at (202)
482-1835 (cfranz@ntia.doc.gov). For general information or to receive
a "Public Access Point" registration form, please contact Roanne
Robinson at (202) 482-1551 (rrobinson@ntia.doc.gov). Fax inquiries
should be directed to (202) 482-1635.
*********************************
The National Telecommunications and Information Administration serves
as the President's principal advisor on telecommunications policies
pertaining to the nation's economic and technological advancement and
to the regulation of the telecommunications industry.
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 26 Sep 1994 12:45:51 -0500 (CDT)
Subject: Info on CPD, Contributions, Subscriptions, FTP, etc.
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions generally are acknowledged within 24 hours of
submission. An article is printed if it is relevant to the charter of
the digest. If selected, it is printed within two or three days. The
moderator reserves the right to delete extraneous quoted material. He
may change the subject line of an article in order to make it easier
for the reader to follow a discussion. He will not, however, alter or
edit or append to the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
Older archives are also held at ftp.pica.army.mil [129.139.160.133].
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V5 #058
******************************
.