Date:       Sat, 03 Dec 94 08:22:21 EST
Errors-To:  Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From:       Computer Privacy Digest Moderator  <comp-privacy@uwm.edu>
To:         Comp-privacy@uwm.edu
Subject:    Computer Privacy Digest V5#069

Computer Privacy Digest Sat, 03 Dec 94              Volume 5 : Issue: 069

Today's Topics:			       Moderator: Leonard P. Levine

                        Re: DC Metro Smart Cards
                        Re: DC Metro Smart Cards
                        Re: DC Metro Smart Cards
                  Parents' SSNs wanted for Fundraising
                        Re: Mother's Maiden Name
                           Re: Proof of Birth
                            Re: DMV Records
                    Is Per-Call Blocking Worthless?
                Re: Clarifying answers to TEN QUESTIONS
                Re: Clarifying answers to TEN QUESTIONS
                Info on CPD, (unchanged since 11/28/94)

----------------------------------------------------------------------

From: huggins@quip.eecs.umich.edu (Jim Huggins)
Date: 30 Nov 1994 22:41:29 GMT
Subject: Re: DC Metro Smart Cards
Organization: University of Michigan EECS Dept., Ann Arbor, MI

   Dave Moore <davem@garnet.spawar.navy.mil> writes: [NY Post reports
   on] the planned introduction of a Smart Card for using the DC
   Metro.

   The other thing that struck me is that they (Metro Authority) plan
   on charging a "Premium" for the card.  A discount I could understand
   to encourage its use, but why would anyone want to pay extra for
   this thing?

Convenience.  Presuming that the system works and that privacy doesn't
become a problem, you don't have to fish through your pocket to find
correct change or a token, and you don't have to stand in line to get
through a tiny turnstile which inevitably slows you down during rush
hour.

It's the same way with other technologies which have the capability of
invading privacy.  Sure, I could pay cash for everything I bought, but
I trade the possible loss of privacy in using checks and credit cards
for the convenience of not having to carry lots of cash.

--
Jim Huggins, Univ. of Michigan                          huggins@eecs.umich.edu
"You cannot pray to a personal computer no matter how user-friendly it is."
(PGP key available upon request)                             W. Bingham Hunter


------------------------------

From: rutgera@rd.mey.nl (Rutger Alsbach)
Date: 01 Dec 1994 11:42:41 GMT
Subject: Re: DC Metro Smart Cards

    Dave Moore <davem@garnet.spawar.navy.mil> writes about the DC Metro
    Smart Card: It also stated that it was far more secure than a
    standard fare card because if you lost it, you could report it
    stolen and have it disabled.  I infer from this that your personal
    ID is tied to the card and that it is not anonymous.

It could also be that the card is identifiable by a number. You could
write that down and keep it at a safe place (away from the card).  If
the card is stolen, DC Metro can disable the card and pay a refund
(minus charges) to the person that reports its number.  All this can be
done anonymously (as long as you pay cash and receive a cash refund).
DC Metro could still track the use of the card but they don't have a
name to connect it with.  An additional advantage is that it is harder
for personal enemies or practical jokers to have your card disabled
(and get the refund) by saying your name and reporting it stolen - they
need the number.

--
Rutger


------------------------------

From: Raul Deluth Miller <rockwell@nova.umd.edu>
Date: 01 Dec 1994 13:38:57 -0500
Subject: Re: DC Metro Smart Cards

Interestingly enough, the DC Metro system looks like it was designed
to enable tracking the movement of all individuals who pass through
it.

[A] There are numerous security cameras at the stations.  In the past,
    many have been positioned to observe people at the farecard
    machines as well as at the gates.

[B] A debit card is used, which lasts across multiple trips, and which
    must be used both to enter and exit the system.

[C] Typically, a debit card "session" will last across multiple cards
    [the card has a fractional fare, and is redeemed and reissued on a
    new card.]

[D] Other interactions with the system typically involve the
    acquisition of identification information from patrons.  For
    example, at one point, people were asked to sign the metro cards
    but this request was widely disregarded...  People who use an ATM
    card to buy a metro card either get their picture taken or are
    asked for a signature.

Obviously, this is not a complete tracking system, most metro users
will establish a regular pattern of use, greatly simplifying the
analysis and reduction of such data.  To use the present system for
tracking, you would need:

[A] High bandwidth connection between the video system and some
    sophisticated analysis site.

[B] Similar (but lower bandwidth) connection between the fare card
    machines and gates and the analysis site.

[C] Classification software which roughly categorizes each card user.

[D] Analysis personnel and correlation systems sufficient to annotate
    and give attention to records which match "high risk" profiles.

Of course, there are difficulties with such a system:  Automated
camera identification of people -- even when assisted by typical
patterns of behavior -- is not likely to be particularly effective or
efficient.   Many users discard low-value metro cards, rather than
redeem them.  The probability of a lost metro card is high enough that
many people opt for single trip cards.  Etc.

The expense of such a system would make it hard to justify.  However,
it's plausible that national security concerns might be used to put at
least some of the above mechanisms in place [if this were the case,
then there should also be mechanisms in place to look for other
indicators, such as electromagnetic field signatures of common
weapons].

Anyways, this is all speculation.

-- 
Raul D. Miller          N=:((*/pq)&|)@                 NB. public e, y, n=:*/pq
<rockwell@nova.umd.edu> P=:*N/@:#               NB. */-.,e e.&factors t=:*/<:pq
                        1=t|e*d    NB. (,-:<:)pq is four large primes, e medium
x-:d P,:y=:e P,:x                  NB. (d P,:y)-:D P*:N^:(i.#D)y [. D=:|.@#.d


------------------------------

From: wrf@ecse.rpi.edu (Wm. Randolph U Franklin)
Date: 01 Dec 1994 01:11:35 GMT
Subject: Parents' SSNs wanted for Fundraising
Organization: ECSE Dept, Rensselaer Polytechnic Institute, Troy, NY, 12180 USA

This is from Chronicle of Higher Ed, Nov 30, page A35, an article on
getting students' parents to contribute money even before the student
has graduated.

George Wash U asks parents to fill out and return an info card, which
appears to be from the Registrar, but is in fact from Development
(=fundraising).  The card asks for the parents' SSNs.  The article says
that Development can use this info to get the parents' income and
property that they own, tho it doesn't outright say that GWU is doing
this.

--
 Wm. Randolph Franklin,  wrf@ecse.rpi.edu, (518) 276-6077;  Fax: -6261
 ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 USA
 More info: (1) finger -l wrf@ecse.rpi.edu (2) http://www.ecse.rpi.edu/wrf.html


------------------------------

From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500)
Date: 01 Dec 94 08:36:06 EST
Subject: Re: Mother's Maiden Name

    Barry Margolin <barmar@nic.near.net> said: Probably one of the
    better methods is American Express's.  If they notice a shift in
    your purchasing style they'll ask the merchant to put you on the
    line, and they ask you for recent purchases prior to the style
    change.

This is clearly a reasonable approach.  SPRINT at least used to use
something *sort of* similar: in 1988, after having used SPRINT for 2
years, I started travelling a fair bit on business.  Mostly I used my
company card for long distance; on one occasion, however, I was in New
York and called my parents, in Canada.  A few MONTHS later I tried to
use the FON card again and (after successive tries, then a call to
Customer Service) found that it had been cancelled.  Why?  Because the
call to my parents was "outside my normal calling pattern".  Never mind
that such calls are presumably the main purpose of such a card for an
individual; never mind that I call my parents regularly, and that the
odds of a thief stealing my card in order to call them were small;
never mind that SPRINT didn't bother to notify me in the intervening
months (July to December, in fact).  Actually, they did claim that they
try to contact people, but they won't leave messages on answering
machines.  Never mind that the answering machine is on the primary line
to which the card was billed -- hence if that machine is compromised,
I'm hardly going to be able to complain.

When I suggested that, given their policy, they should just send me
several dozen cards so that, after using each once, I could cut it up
and throw it away so they could cancel it, they stopped being friendly
and suggested that I change my service if I was displeased with it.
And, of course, the promised callback from a supervisor never came (and
I lost interest in following up on it).

--
phsiii


------------------------------

From: jwendt@kosepc02.delcoelect.com (John Wendt)
Date: 01 Dec 1994 17:50:28 GMT
Subject: Re: Proof of Birth
Organization: Delco Electronics Corp.

    Eric Poulsen <ericp@kalama.doe.Hawaii.Edu> writes: A few years ago, I
    was going to do some travelling, so I set about obtaining a
    passport.  I was told that I need a "record of birth" (different
    from a birth certificate), and they gave me an address to write to
    my state of birth (AK) to obtain this document.  Well, I wrote to
    them, and simply told them my name and address (my name isn't very
    common, so I figured it was unlikely to be two people born in AK ->
    A few weeks later, I received a "record of birth" for someone 9
    years older than I.  Turns out that he had the same first & last
    name as myself, but a different middle name.  Then it occurred to me
    ... I could probably obtain this sort of document for *ANYONE* as
    long as I knew their place of birth.  I could have easily obtained
    a passport with the other fellow's name, etc, etc ..., but with MY
    picture on it.  As long as I picked someone who was near the same
    age, race, eye, & hair color (not that farfetched), I could
    "assume" someone else's identity!  T

It used to be a not-uncommon scam to look in a newspaper from about the
time of your own birth, pick someone who had died in infancy, then
apply for a birth certificate in the name of that person. "60 Minutes"
once showed one of their reporters going through the process. You have
no past, of course, no school or credit record, but credit is still
available.

I believe that Indiana now requires a photo ID to get a BC.  But what
do you use to get that first photo ID...?

========================================================================
John M. Wendt                            |  Ah, but a man's reach should
Software Engineer                        |   exceed his grasp, 
Service Test Equipment Engineering       |  Else what's a metaphor?
Delco Electronics Corp., Kokomo IN, USA  |
                                         |        -- Marshall McLuhan
(Standard Disclaimers Apply)


------------------------------

From: thwong@cs.cornell.edu (Ted Wong)
Date: 01 Dec 1994 22:04:11 GMT
Subject: Re: DMV Records
Organization: Cornell Univ. CS Dept, Ithaca NY 14853

    Barry C Nelson (bcn) wrote: The recently enacted Violent Crime Act
    changes the federal law with regard to granting access to state DMV
    records. Sec 300001 adds a new chapter in Title 18 U.S.C., Chapter
    123, Section 2721 (a): "Except as provided in subsection (b) a
    State department of motor vehicles and any officer, employee, or
    contractor thereof, shall not knowingly disclose or otherwise make
    available to any person or entity personal information about any
    individual obtained by the department in connection with a motor
    vehicle record."

Interestingly, "personal information" does not include information on
vehicle accidents, violations or driver's status or zip code.

How will this new law affect the following procedure:

Cornell University has its own traffic department that enforces the
on-campus parking rules. If a student gets a parking ticket, and was
registered previously with the Traffic Department (through purchase of
a parking permit), the ticket will be applied to that student's bursar
bill if he fails to send in a check for the fine.

However, most students don't buy parking permits since they're fairly
expensive, and thus TD doesn't have a record cross-referencing the car
registration number to the owner; if the student doesn't pay by check,
TD can't get the fine. What happens then is that TD contacts the
Department of Motor Vehicles in the state the car was registered, and
gets the name of the owner.  The name is cross-refed against the
student list, and the fine applied to the matching account if one
exists.

With the change in law, will state DMVs still be able to provide
Cornell with information it wants?

-- 
Ted Wong <thwong@cs.cornell.edu>               |DISCLAIMER: 
                                               |Cornell's opinions are its own, 
Computer Science                               |and do not necessarily reflect
Cornell University                             |those of the author.


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 01 Dec 1994 20:55:52 -0600 (CST)
Subject: Is Per-Call Blocking Worthless?
Organization: University of Wisconsin-Milwaukee

    I have been asked the question: I have been told that when using
    the per call blocking feature (i.e., *67) to suppress my phone
    number, that the number is *still* being sent, but with a 'packet'
    that only suppresses it being displayed.  Can this be confirmed? I
    am currently on hold from my phone company -- Ameritech in
    Indianapolis (whose motto seems to be: "we don't care -- we don't
    have to -- we're the phone company") to get the 'official'
    response.  I was also informed that per line blocking is neither
    available, nor would it be.

    The problem is, then, if it only suppresses the display of the
    information, then it is as useless as my unlisted phone number.

    The woman from the phone company couldn't even understand the
    difference between the two cases... Does anyone *know*?

My understanding is that unlisted phone numbers with per-line blocking
have no greater security; that the calling number information is
passed through the entire network and is stopped only at the very end,
before the final user.  Is that correct?  

I think that we are waiting on the Federal Communications Commission
for a federal ruling, and that ruling may well totally disable
blocking of any kind for inter-state calls.

--
Leonard P. Levine               e-mail levine@cs.uwm.edu
Professor, Computer Science        Office 1-414-229-5170
University of Wisconsin-Milwaukee  Fax    1-414-229-6958
Box 784, Milwaukee, WI 53201       


------------------------------

From: "BRENDZA, TOM" <BRENDZA@gould-tm.mhs.compuserve.com>
Date: 01 Dec 94 11:34:23 EST
Subject: Re: Clarifying answers to TEN QUESTIONS

I appreciated your response to the Anonymous posting regarding the Ten
Questions previously posted.  I am a married computer professional who
has no children, but if I did, the Ten Questions are the types of
questions I would ask my child.  They are also the types of questions
that I would give to my non-computer literate friends and relatives to
ask their more-literate children.  Actually, if you could send me a
copy of the original Ten Questions, I would appreciate it.

I believe that the scope, content, and intent of the Ten Questions
is no different than any other issue that parents must address with
their children, be it the type of music that they listen to, or books
they read, or what have you.  Specifically it centers on the fact that
there are wrong and irresponsible actions and right and responsible
actions.  A child must first be made aware that an action is wrong, and
then a parent must be sure that the child refrains from performing the
wrong actions.  The Ten Questions are an aid to parents to determine
and enforce appropriate behavior from their children.  This is a good
thing.  A child has a limited right to privacy.  The amount of privacy
that a child should be granted is in proportion to the responsibility
exhibited by a child and the subsequent trust a parent develops.  The
only way to determine the level of trust and privacy granted is by
discussion, observation and feedback with the child.  I believe that
this used to be called responsible parenting.  The Ten Questions are a
good starting point for parents to discuss what otherwise might be a
foreign subject.

Please keep up the good work.

--
Tom Brendza
brendza@gould-tm.mhs.compuserve.com
 ------------------
General disclaimer:  My opinions are my own and are neither endorsed nor 
recognized by Gould Instrument Systems.
 


------------------------------

From: Paul Robinson <PAUL@tdr.com>
Date: 01 Dec 1994 06:58:28 -0500 (EST) 
Subject: Re: Clarifying answers to TEN QUESTIONS
Organization: Tansin A. Darcos & Company, Silver Spring, MD USA

    Bob Bales ("(NCSA) Bob Bales" <74774.1326@compuserve.com>) writes
    about the anonymous poster to Comp Privacy:

         "I almost never get permission to look at each file I view.
         I go under the assumption that I may view anything that
         allows read access by me without going outside of the 
         normal methods in use to read files".

    Does this sound familiar?  This is the standard rationalization
    used by hackers when they crack computer systems.  Gee, I got in so
    it must be OK.  This represents an immature view of life and fails
    to acknowledge _personal_ responsibility.

Excuse me, but the original poster's statement of his method is the
*standard* for accessing most computer systems over the Internet.  It's
called "anonymous ftp" and part of the procedure allows anyone who can
connect to a site (which is essentially anyone with IP connectivity) to
obtain any public file from that system.

It is generally assumed - I have never seen any evidence or published
statements to the contrary - that any file on an FTP server that
accepts "anonymous" or "ftp" as the user id is allowing anyone to copy
any file that appears on that server.  *Without asking for
permission*.

    Does grandma know that you think it's OK to read her diary?  (Of
    course, only if she leaves it where you can get at it without
    violating her "privacy").

Many diaries have been sold with little locks on them, or you can, if
you trust people, ask them not to read it or to put a notice on the
item asking people not to do so.  If you don't lock it up and you don't
make any indication on a book not to read it, well...

    Dr. Tippett developed "TEN QUESTIONS PARENTS SHOULD ASK THEIR
    CHILDREN" as an aid to _parents_ in dealing with the confusing
    world of ethics in cyberspace.  He--and supporters of the National
    Computer Ethics and Responsibility Campaign--would greatly
    appreciate constructive criticism which might make this document of
    even greater value to that audience.  However, reviews which
    purposely distort the basic intent of the document are unwanted and
    unwarranted.  When hidden under the cloak of anonymity, such
    distortions are unprofessional and tasteless.

Is this the whining of someone who got caught with a poorly designed
questionnaire and is complaining because someone caught the ambiguities
and badly phrased questions?

Taken as it was written, many of the questions - such as asking if the
person has text files that explain how to make explosives or
anti-personnel materiel - make the whole questionnaire sound as if it is
a list of "don'ts".  One of the items included asking whether the
person had a modem and a phone line.  Taken in the context of the whole
questionnaire, it could be believed - based on misinformation in the
media and the tone and content of the questionnaire - that having a
modem and phone line connected to a kid's computer is a danger sign.

I agreed with some of the anonymous poster's comments, that there are
some things you would not show to other people because you want to keep
things private.  When I was younger, I kept a diary; I kept my most
personal and intimate thoughts in that diary, and would expect to keep
it private; I would not dream of (at that time) having other people read
it.  While there are exceptions, even children are entitled to
privacy.  (Do you think children should masturbate in private or in
front of their parents?) :)

	3.  Do you ever use other people's computer, disk-space or
	processing capability, or look at or copy their files or
	information, without their knowledge or permission? I almost
	never get permission to look at each file I view.  I go under
	the assumption that I may view anything that allows read access
	by me without going outside of the normal methods in use to
	read files. If it is interesting, I copy it for future
	reference.  I hope they do not know any details about my use.
	After all, I want to retain my privacy and they should not be
	watching what I do.

    As usual, you are attempting to avoid the question.  Let me be more
    explicit:  have you ever logged into or otherwise used another
    person's computer, without getting appropriate permission to use
    that computer? "Appropriate permission" can sometimes mean being
    connected to a network in a permissive way, of course;  in other
    cases it can mean getting a password and an account.  The real
    question is, "have you ever used a computer, knowing that if the
    owner found out, he or she would be upset?"

Then the question should be asked that way; if you ask an improperly
formed question, you risk getting the answer that matches the badly
asked question.  If you asked me is it ever right to steal, I would say
"yes".  Then you would label me dishonest.  If the question were
phrased, "Other than in extreme emergency (such as when survival is at
stake) is it ever right to steal?" then my answer would be "no".

But if you ask a question badly, you have to accept the lousy quality
of answers to that question.

    As to reading files, you need to learn some electronic manners,
    Joey. On timeshared and networked computers, there are many users
    who do not have the sophistication to protect their sensitive
    files.

Then let them learn.  When we know what the rules are, e.g. that when
you make something public you invite us to look - which is the typical
practice on most networked computer systems - then those who expect
something other than the standard are in for some rude
disappointments.

Whatever the rules are, people can learn to live with them.  But the
rules had better be consistent or people have a right to complain.  If
files are generally public and you're not supposed to look at them
unless invited, fine; but publicize that as the rule.  Then explain why
this is a different standard than what is common practice.

Beyond that, I'd like to know why the administrator on that site was
asleep at the switch and hasn't been disciplined or fired.  I have used
systems ranging from IBM and CDC mainframes, to PDP 11 Minicomputers,
to networked systems.  The typical, usual and customary practice on
these systems is to default accounts to having all files private UNLESS
AND UNTIL the owner explicitly makes them public.

Expecting people to live under an entirely different standard of rules
without notice, is ludicrous.

    When you assume that having read access to a file means it's OK to
    read it, you risk invading the privacy of a naive user who thinks
    that everything is automatically protected.  I don't mind a bit of
    exploration, but I'd be deeply troubled if you dove into a
    directory named "personal" and started reading another user's love
    letters, simply because they were world-readable.

Just because a directory is marked "personal" does not mean the
material is something the owner doesn't want anyone to read.  It may
mean this is where the stuff that is his own - such as the source code
he personally wrote - as opposed to stuff written as part of his job,
or production work, or whatever.

We have doors on houses and curtains across windows to keep people from
watching our private business.  If you live in a glass house, you have
to expect some people may stare.  If you don't know enough about home
furnishings to know that drapes and shades cover windows, then you have
to accept the risk that people might look in on you.

If you keep all of your files publicly readable, some people are going
to look at them.  Systems that have protections to make files not
readable are available for that reason and are usually set by default
for that reason.  If you don't know enough that protections cover files
from people looking at them, then you have to accept the risk that
people might look at your files.

I expect people who use a dangerous tool should have at least the
minimum understanding necessary to keep from injuring themselves during
use thereof.  A computer is an even more dangerous tool if you only
know how to use part of its capability.

---
Paul Robinson - Paul@TDR.COM
Reports on Security Problems: To Subscribe write PROBLEMS-REQUEST@TDR.COM
Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy@psg.com>
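
[Added example, not part of the original digest or of any contributor's
message.  The thread above turns on world-readable files and on accounts
whose files default to private.  The script below audits a directory tree
for entries readable by "other" and removes that access; the function
names and the constructed demo tree are assumptions made for illustration.]

```shell
#!/bin/sh
# Added example (not from the digest): find files that any local user can
# read, then make a tree private.  Function names are hypothetical.

# Print every regular file or directory under $1 whose mode grants read
# permission to "other" (the world-readable case debated in the thread).
list_world_readable() {
    find "$1" \( -type f -o -type d \) -perm -004 -print 2>/dev/null | sort
}

# Remove all group and other access below $1, leaving the owner's bits alone.
make_private() {
    chmod -R go-rwx "$1"
}

# Build a small constructed tree and print its path.  letter.txt is created
# under a permissive umask (022 -> mode 644); notes.txt under a
# private-by-default umask (077 -> mode 600).
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/personal" || return 1
    ( umask 022; echo "draft letter" > "$demo/personal/letter.txt" )
    ( umask 077; echo "private notes" > "$demo/personal/notes.txt" )
    chmod 755 "$demo" "$demo/personal"
    printf '%s\n' "$demo"
}

# Usage: sh audit.sh DIR   lists world-readable entries under DIR.
if [ "$#" -gt 0 ]; then
    list_world_readable "$1"
fi
```

Setting umask 077 in a login profile gives the private-by-default
behaviour for newly created files; it does not change files that already
exist, which is what the audit is for.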


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 28 Nov 1994 08:46:14 -0600 (CST)
Subject: Info on CPD, (unchanged since 11/28/94)
Organization: University of Wisconsin-Milwaukee

The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa.  The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.  

This digest is a forum with information contributed via Internet
eMail.  Those who understand the technology also understand the ease of
forgery in this very free medium.  Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top.  Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting.  He will comply.

If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution.  As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.

On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute.  If you
do so, it is best to modify the "Subject:" line of your mailing.

Contributions generally are acknowledged within 24 hours of
submission.  An article is printed if it is relevant to the charter of
the digest and is not redundant or insulting.  If selected, it is
printed within two or three days.  The moderator reserves the right to
delete extraneous quoted material.  He may change the subject line of
an article in order to make it easier for the reader to follow a
discussion.  He will not, however, alter or edit or append to the text
except for purely technical reasons.

A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite.  The archives
are in the directory "pub/comp-privacy".

People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.

Mosaic users will find it at gopher://gopher.cs.uwm.edu.

Older archives are also held at ftp.pica.army.mil [129.139.160.133].

 ---------------------------------+-----------------------------------------
Leonard P. Levine                 | Moderator of:     Computer Privacy Digest
Professor of Computer Science     |                  and comp.society.privacy
University of Wisconsin-Milwaukee | Post:                comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201       | Information: comp-privacy-request@uwm.edu
                                  | Gopher:                 gopher.cs.uwm.edu 
levine@cs.uwm.edu                 | Mosaic:        gopher://gopher.cs.uwm.edu
 ---------------------------------+-----------------------------------------


------------------------------

End of Computer Privacy Digest V5 #069
******************************