Date: Tue, 15 Aug 95 10:55:13 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V7#013
Computer Privacy Digest Tue, 15 Aug 95 Volume 7 : Issue: 013
Today's Topics: Moderator: Leonard P. Levine
Re: Caller ID Blockers
Re: Caller ID Blockers
Re: Caller ID Blockers
Re: Information Collection at Sears
Watch them Vacation Programs
Re: Web Access and Mailing Lists
CLI-InfoRequest
Credit Reports and Identifying Information
An Abuse of Individual Right to Privacy?
Info on CPD [unchanged since 08/01/95]
----------------------------------------------------------------------
From: Lynne Gregg <lynne.gregg@mccaw.com>
Date: 11 Aug 95 11:21:00 PDT
Subject: Re: Caller ID Blockers
Bill Ranck <ranck@joesbar.cc.vt.edu> posted the following: By the
way, there is another problem with the *67 sequence in many
locations. If you happen to have a caller-id block on your line
the *67 toggles it off. In other words, using *67 on a line that
does not normally give caller-id will make it give caller-id for
that call.
This is true - FOR THE TIME BEING. The FCC Order on Calling Number
Services will go into effect on 12/12/95. This Order requires telcos
to use *67 only for blocking presentation of the Calling Party Number
(CPN) and not use it as a toggle.
The FCC ordered that *82 be used for unblocking (in the event that the
customer has a Per Line Block). So, if a customer has Per Line
Blocking and uses *67, the CPN presentation should be blocked. If a
customer does not have Per Line Blocking and uses *82, then the number
would be displayed. The FCC says no toggles with these star codes. I
personally think that's a good move. It's hard enough for most folks
to remember all the star codes that control various telco services.
The other issue here is that if I use someone else's phone, I probably
don't know whether that person has Per Line Blocking or not. Therefore
if I pre-pend *67, I really mean, "block my number". This is why there
needs to be distinct and consistently used codes among all the telcos.
That's why the FCC jumped in.
--
Regards,
Lynne
------------------------------
From: rbgreen@comm.net (Robert Green)
Date: 12 Aug 1995 06:54:39 GMT
Subject: Re: Caller ID Blockers
Organization: CommNet Inc.
Athena Consulting (athena@communique.net) wrote: I am very new to
this CALLER ID concept. I just moved to LA from California where
they do not allow the masses to have CID. I have seen a device you
can purchase from specialty catalogs for like $40 that claims to
stop your name and number from being read. Does anyone know if
these work or not? Thanks!
glr@ripco.com (Glen Roberts) wrote: They work great... but you can
do the same by dialing *67. All the box does is dial *67 when you
pick up the line...
The phone line attachments and the *67 option only work if your phone
company is set up for it. In much of Louisiana, there is currently no
way to block CallerID. Try the *67 - if you get a stutter then a dial
tone, the gadget will work, too. If you just get busy signal, the
phone company isn't accepting the blocking.
------------------------------
From: glr@ripco.com (Glen Roberts)
Date: 12 Aug 1995 14:36:39 GMT
Subject: Re: Caller ID Blockers
Organization: Ripco Internet BBS, Chicago
jmolini@inetcom.net wrote: Is there any reason why you don't just
call the phone company and have your number removed from the system
entirely. I did this in Houston.
ranck@joesbar.cc.vt.edu wrote: Very nice. The only trouble is,
this option is not available evrywhere. It varies from state to
state dpending on what the local BOC could talk the PUC into.
Here in GTE land... (With a DMS-100 switch)... *67 results in a busy
signal... yet, when I call my Dad in Michigan, he gets my phone
number... (I'm in PA).
--
--------------------------------------
Glen L. Roberts, Host Full Disclosure Live (WWCR 5065 khz - Sundays 8pm eastern)
(WOYL AM-1340, Oil City, PA). Tech Talk Network; Telstar 302, Ch 21, 5.8 Audio
Look for articles, catalog, programs and great links on:
http://pages.ripco.com:8080/~glr/glr.html
-------------------------------------
------------------------------
From: rathinam@worf.netins.net (Sethu R Rathinam)
Date: 13 Aug 1995 17:36:12 GMT
Subject: Re: Information Collection at Sears
Organization: INS Info Services, Des Moines, Iowa, USA
Frank C. Ferguson (ferguson@dma.org) wrote: No signature on paper
is secure either. It can be scanned into a computer. I guess we
should lock ourselfs into a room and never come out into the cruel,
hostile, criminal world.
The issue has been discussed in this groups a few times. What these
equipment do PRESENTLY is similar to scanning a paper copy of the
signature (correct me if I am wrong on that). That is not a problem
for most of us. But in the future, IF/WHEN the equipment get smart
enough to capture stroke, velocity, pressure ... information, they
will have enough data to make a perfect duplicate of your signature.
Question is, when such capability is achieved, will the companies tell
you about the capability maturity - especially if you and I never asked
questions when signing the "dumb" signature pads?
I insist on signing the paper only copy at Sears and never had a
problem so far (sometimes the person at the counter has to call someone
else to learn how to do it).
NOTE TO Moderator - how about an autobounce of messages on this topic
with a mini-FAQ (including the UPS unauthorized duplication leading to
firing an employee episode)?. After people get familiar with the
issues, they can bring up related questions instead of repeating the
same set of questions.
--
Sethu R Rathinam N7TWL rathinam@netins.net
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 13 Aug 1995 12:41:36 -0500 (CDT)
Subject: Watch them Vacation Programs
Organization: University of Wisconsin-Milwaukee
A friend recently told me about a mailing list he subscribes to that
has several hundred readers.
Messages posted to this unmoderated list are automatically bounced to
everyone on it. He tells me that he recently received from the list a
bounce from a user who seemingly was running a vacation program that
posted "I am not available till 8/20" type messages when email was
addressed to him. Such systems are now fairly common with heavy email
users who normally like to respond within a day to their
correspondents.
This time, however, the responder linked some 30 messages to the
posting, including some clearly private business correspondence and one
message indicating that the author misses the recipient and looked
foreward eagerly to his return.
Personally I do not like vacation programs, they are loaded guns
waiting to go off with endless streams of unwanted mail. I am aware
that they are getting better every year and have good features
waiting to be used. Not by me, not right now.
--
Leonard P. Levine e-mail levine@cs.uwm.edu
Professor, Computer Science Office 1-414-229-5170
University of Wisconsin-Milwaukee Fax 1-414-229-6958
Box 784, Milwaukee, WI 53201
PGP Public Key: finger llevine@blatz.cs.uwm.edu
------------------------------
From: watrous@cs.rutgers.edu (Donald Watrous)
Date: 13 Aug 1995 14:05:12 -0400
Subject: Re: Web Access and Mailing Lists
Organization: Rutgers University LCSR
gmcgath@condes.MV.COM (Gary McGath) writes: Using a log of people
accessing one's Web page to build a mailing list, particularly one
which will be made available to third parties, is a practice I
haven't heard of before, and strikes me as distinctly annoying.
Does anyone know of other sites that do this?
I once tried one of those over the net security scanning services put
on the web as a free come on. Sometime later I got some junk email
from that company, advertising their commercial services. Haven't
heard of access lists being sold, but I wouldn't be surprised.
--
Donald Watrous LCSR Systems, Rutgers University
watrous@cs.rutgers.edu http://www.cs.rutgers.edu/~watrous/
------------------------------
From: Andy Simpson <asimpson@extro.ucc.su.OZ.AU>
Date: 14 Aug 1995 14:03:51 GMT
Subject: CLI-InfoRequest
Organization: The University of Sydney, NSW, Australia
CLI-based services presently are being trialled in Australia. I'd be
very appreciative if anyone could refer me to any good material on the
regulation of CLI services and the failings of that regulation.
Thanks, Andy
------------------------------
From: berczuk@space.mit.edu (Steve Berczuk)
Date: 15 Aug 1995 14:11:02 GMT
Subject: Credit Reports and Identifying Information
Organization: MIT Center for Space Research
Recently we asked for my copies of our credit reports (which is a good
thing to do one in a while) and noticed that my wife's report had a
field "AKA <my-last-name>". The problem is that she uses her own last
name (especially for financial transactions), so we thought it would be
a good idea to ask the credit bureau to correct this... (I'm not sure
how important that this really is, but it seems like a good idea to
make sure that info on the credit report accurate...)
when we wrote a letter asking them to change this we got a letter
saying something to the effect of: "We cannot change your name w/o
documentation, all of our info comes from subscribers..." (the ironic
thing is that we were asking them to STOP changing her name!)
Three questions come to mind:
1) Does this mean that if a "TRW Subscriber" makes a mistake
reporting identifying info it stays there? (on a related note,
they also had a "previous address" mispelled. When we pointed
that out we got the same answer ("we only print what was
reported".))
2) Can we figure out who reported the AKA to get THEM to correct
it? How?
3) Aside from esthetic considerations, how important is
information like "previous addresses and "Also know as" (or
relatedly spouses first name-- credit bureaus seem to not be
able to handle "spouses first & last name")?
Thanks for any insight..
--
Steve Berczuk -berczuk@mit.edu | MIT Center for Space Research
Phone: (617) 253-3840 | 37-561
Fax: (617) 253-0861 | Cambridge MA 02139
------------------------------
From: mwilshire@anchor.demon.co.uk (Michael Wilshire)
Date: 14 Aug 1995 16:10:47 GMT
Subject: An Abuse of Individual Right to Privacy?
I am appending an e-mail which has appears to have been sent by a
company called 'aa.net' - or someone called brett@aa.net - to my
domain name. It appears to have been sent on the (incorrect)
assumption that I am supplying services to other users or 'clients'
within my domain. If I have understood this correctly, I am being
asked to reveal what I would regard to be privileged information about
those clients' names, addresses and email addresses. The message
states that having obtained this information - presumably without the
users' consent - they will announce the existence of a directory
(perhaps for commercial gain?). From the way the message is written,
they seem to realise that the manner in which they plan to obtain this
information is somewhat disingenuous, since they promise not to reveal
the source of their information (presumably the service or access
provider). They claim to already have assembled 2 million such names
and addresses.
If my understanding of this is correct, I believe that any such abuse
of personal information is a direct violation of personal privacy which
should be stopped. I have absolutely no objection to someone
assembling a directory as a public service, provided they openly ask or
invite the users themselves on whether they wish to be listed in the
first place. Simply allowing users to have their names deleted 'after
the fact' is not - in my view - good enough. Furthermore, any covert
attempt to obtain information without the users' knowledge seems to me
to be reprehensible,and in breach of the philosophy of the Internet.
I should be interested to hear views on my interpretation of this
matter, and on how the rights of individuals to protect their privacy
can be preserved.
------------ begin inclusion ----------------
Date: 13 Aug 1995 16:06:10 -0700
From: brett@aa.net
Subject: International Email Directory
To: root@5150.gigo.com
We are compliling the most comprehensive international email
directory.
Currently we have more than two million addresses.
This is not, and will not, be a mass downloadable file, just a
directory.
We request from you the following information:
User name
Company name
City
State/country
Email address
of all of your clients.
After we receive this information, we will announce to each of your
clients the existence of this WWW directory. ALSO, should they wish to
be removed from the listing, they will simply need to email us with the
word "remove" in the subject line. However, only those individuals who
are listed will have access to the directory. WE WILL NOT explain to
them where we received their address from, but simply offer to remove
their name if they wish.
We will update the list monthly, and wish that you send us a "delete"
file and an "add" file as frequently as you can, but not more than
monthly.
Thank you for your assistance
brett@aa.net
------------ end inclusion ----------------
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 11 Aug 1995 09:39:43 -0500 (CDT)
Subject: Info on CPD [unchanged since 08/01/95]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the SUBJECT: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit or append to the text except for purely technical
reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Mosaic users will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V7 #013
******************************
.