Date:       Mon, 03 Jun 96 18:19:52 EST
Errors-To:  Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From:       Computer Privacy Digest Moderator  <comp-privacy@uwm.edu>
To:         Comp-privacy@uwm.edu
Subject:    Computer Privacy Digest V8#045

Computer Privacy Digest Mon, 03 Jun 96              Volume 8 : Issue: 045

Today's Topics:			       Moderator: Leonard P. Levine

          Re: How Secure are 900 MHz Digital Cordless Phones?
          Re: How Secure are 900 MHz Digital Cordless Phones?
          Re: How Secure are 900 MHz Digital Cordless Phones?
                         Re: unsolicited email?
               Infosec Update '96 -- Ottawa/Hull, Canada
                           Class III InfoWar
             Re: Credit Cards with Internet Fraud Insurance
             Re: Credit Cards with Internet Fraud Insurance
                        Private-Eye Mailing list
         Electronic Privacy, Security Journal to Premier June 1
                   Growing the new Technology Concern
                 Info on CPD [unchanged since 11/22/95]

----------------------------------------------------------------------

From: julier@clipper.ens.fr (Michel Julier)
Date: 31 May 1996 17:48:29 GMT
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?
Organization: Ecole Normale Superieure, Paris
References: <comp-privacy8.43.9@cs.uwm.edu> <comp-privacy8.44.10@cs.uwm.edu>

    Mark Pfeifer <pfeifer@lf.hp.com> wrote: I recently purchased a
    Toshiba 900MHz digital cordless phone.  It does claim to encrypt
    calls.  According to the documentation, each time the handset is
    placed in the base unit, a new 16-bit key is picked and used until
    the phone is placed in the base again (they quote 65536 unique
    codes).

Most cordless phones "encrypt" calls, that is, they emit a 16-bit code
when you take the line. Your particular phone is specific only because
this code is picked up every time you put the handset on the base:
most phones keep the same code for all their life-time.

However, don't confuse two things: your phone is protected against
people calling on your line, from another handset, as they pass in your
street. You are protected, of course, except if they have a device to
try all 65536 codes. This is to protect your MONEY.

This doesn't mean your PRIVACY is protected: most cordless phones aren't
protected against people listening to them on the FM, at a specific
frequency. I mean, what you say on the phone IS NOT encrypted.

I could tell you about my sister, who was using a fine-quality cordless
phone (Siemens or Philips, I forgot). One day, her neighbor knocked at
her door, and told her that he could listen to her calls on the radio.
This isn't common, I suppose his radio must use some intermediate
frequency that, unfortunately, could match my sister's frequency.

To my view, if you want to say something you consider "secret", you
just shouldn't use a cordless phone. With a standard phone, your calls
can be monitored only by your country's intelligence services, and by
people who really came to put a derivation on your phone line.

 ----------------------------------------------------------------
Michel JULIER   <julier@ens.fr>       Paris,France
				soon moving to Montpellier, France


------------------------------

From: paul@fatmans.demon.co.uk
Date: 01 Jun 1996 11:58:00 +0000
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?

As I understand it these cordless phones (called DECT in the UK) use
the same encryption as GSM (Global System for Mobile Communications)
mobile phones do in Europe. The algorithm is called A5 and is
implemented with a 64-bit key (correct me if I'm wrong, but when the
standard was agreed the French (all encryption has to be government
approved in France) made it illegal to use a greater key, so 64 was
agreed).

Anyway, the cipher is something like this:

x = 64-bit session key (changes every time, generated using a hash or
PRNG, not sure which, at both base and phone).

a = 114-bit A-to-B key stream
b = 114-bit B-to-A key stream

The output stream used to encrypt the data is just an XOR of three
LFSRs (varying lengths, can't remember them offhand but I think they are
about 30 bits each).

With very much longer registers the system would be strong, but with
its registers at 30 bits or so an exhaustive search is possible, and
indeed is meant to be. If you are into electronics it wouldn't be
that hard to rewrite the code and make one of these phones secure,
because the system is secure; just the key length is at fault...

As it is the whole thing is pretty trivial to break, but you needn't
worry about your next door neighbour listening in; for someone with
about 15-20 thousand dollars to spend it is quite possible...
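The construction the post sketches, as an added toy model for readers of this digest: three LFSRs whose outputs are XORed into a keystream that is XORed with each 114-bit frame. This is not code from the post and not the real A5 algorithm; the register lengths and taps, the way the 64-bit session key seeds the registers, and the split of one 228-bit run into the a (A-to-B) and b (B-to-A) streams are all illustrative assumptions.

```python
from typing import List, Tuple

# Illustrative register lengths and feedback taps (the primitive trinomials
# x^20+x^3+1, x^21+x^2+1, x^23+x^5+1). They sum to 64 so a 64-bit session
# key fills them exactly; they are assumptions, NOT the real A5 parameters.
REGISTERS: List[Tuple[int, Tuple[int, ...]]] = [
    (20, (20, 3)),
    (21, (21, 2)),
    (23, (23, 5)),
]
FRAME_BITS = 114  # keystream bits per direction, as stated in the post


class LFSR:
    """Fibonacci LFSR over GF(2); the state is held in an n-bit integer."""

    def __init__(self, length: int, taps: Tuple[int, ...], seed: int) -> None:
        self.length = length
        self.mask = (1 << length) - 1
        # polynomial term x^k taps state bit k-1
        self.tap_mask = sum(1 << (k - 1) for k in taps)
        # an all-zero register would emit zeros forever, so force a 1 bit
        self.state = (seed & self.mask) or 1

    def step(self) -> int:
        """Emit the top bit, shift left, feed the tap parity in at the bottom."""
        feedback = bin(self.state & self.tap_mask).count("1") & 1
        out = (self.state >> (self.length - 1)) & 1
        self.state = ((self.state << 1) | feedback) & self.mask
        return out


def keystream(session_key: int, nbits: int) -> List[int]:
    """XOR of the three register outputs; key loading by consecutive chunks is assumed."""
    if not 0 <= session_key < (1 << 64):
        raise ValueError("session key must be a 64-bit value")
    regs, offset = [], 0
    for length, taps in REGISTERS:
        chunk = (session_key >> offset) & ((1 << length) - 1)
        regs.append(LFSR(length, taps, chunk))
        offset += length
    bits = []
    for _ in range(nbits):
        bit = 0
        for reg in regs:
            bit ^= reg.step()
        bits.append(bit)
    return bits


def direction_streams(session_key: int) -> Tuple[List[int], List[int]]:
    """a = A-to-B stream, b = B-to-A stream; assumed to be halves of one 228-bit run."""
    ks = keystream(session_key, 2 * FRAME_BITS)
    return ks[:FRAME_BITS], ks[FRAME_BITS:]


def xor_frame(frame: List[int], ks: List[int]) -> List[int]:
    """Encrypt or decrypt one frame: the same XOR does both."""
    if len(frame) != len(ks):
        raise ValueError("frame and keystream lengths differ")
    return [d ^ k for d, k in zip(frame, ks)]


def roundtrip(session_key: int, frame: List[int]) -> Tuple[List[int], List[int]]:
    """Encrypt a frame at A with stream a, then decrypt it at B with the same a."""
    a, _b = direction_streams(session_key)
    ciphertext = xor_frame(frame, a)
    return ciphertext, xor_frame(ciphertext, a)
```

Because the first 20 output bits of the shortest register are literally its seed bits, changing one key bit changes the keystream within the first frame, which is what makes the round trip fail under any other key.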


------------------------------

From: "George Stripling Jr." <gdstrip@edge.net>
Date: 01 Jun 1996 16:20:57 -0500
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?
Organization: Salt Design & Consulting
References: <comp-privacy8.44.11@cs.uwm.edu>

    Ed Frankenberry <ezf@osf.org> wrote: from a privacy/security
    perspective, both forms of digital transmission represent an
    improvement over conventional unencrypted analog (AMPS) cellular
    telephones or analog cordless phones.

True, but realize that the U.S. feds get the decoding algorithms too.

-- 
 George Stripling Jr.                 PGP Key ID:F6A2CA2D
<http://edge.edge.net/~gdstrip/>     <mailto:gdstrip@edge.net>
There is no expedient to which a man will not go to avoid the real 
labor of thinking. 
--- Thomas A. Edison, Placard, in all Edison works --- 


------------------------------

From: eck@panix.com (Mark Eckenwiler)
Date: 31 May 1996 17:25:18 -0400
Subject: Re: unsolicited email?
Organization: A person on business from Porlock
References: <comp-privacy8.43.7@cs.uwm.edu> <comp-privacy8.44.2@cs.uwm.edu>

    prvtctzn@aol.com writes: The Telephone Consumer Protection Act of
    1991 (47 USC 227) prohibits unsolicited advertisements to fax
    machines.

    A fax machine is defined (by this law) to be equipment with the
    capacity to:
    - receive signals over a regular telephone line
    - convert that data into text or graphics, and
    - print that data on to paper

    Therefore, your computer - email - printer system is (by
    definition) a fax machine.  You can sue the sender for $500 for each
    such transmission so long as you have no existing or prior business
    relationship with the sender.

For the contrary view (that the TCPA does not apply to e-mail), see my
article (acknowledging Bob Bulmash's position and referring to him) at

	http://techweb.cmp.com/net/issues/036issue/036law.htm

The issue has also been beaten to death multiple times this year in
misc.legal.computing and other Usenet groups.  A suitable set of
AltaVista and DejaNews searches should turn up much archived discussion
on the subject.

--
			Sold by weight, not by volume.
  Some settling of contents may have occurred during shipment and handling.

		   Mark Eckenwiler    eck@panix.com


------------------------------

From: Mich Kabay <75300.3232@CompuServe.COM>
Date: 31 May 96 14:02:44 EDT
Subject: Infosec Update '96 -- Ottawa/Hull, Canada

InfoSec Update '96 -- 12-13 July 96 -- Ottawa/Hull, Canada.  National
Computer Security Association & Institute for Government Informatics
Professionals.  Info:  <itsem@ncsa.com> or
<http://www.ncsa.com/update96.html>

M. E. Kabay, Ph.D. (Kirkland, QC)
Director of Education / Natl Computer Security Assn (Carlisle, PA)


------------------------------

From: winn@Infowar.Com
Date: 01 Jun 1996 21:33:01 -0400
Subject: Class III InfoWar

Class III Information Warfare: Has It Begun?

The June 2, 1996 Sunday Times from London front page headline reads:
"City Surrenders to L400 million Gangs"

And HERF Guns, Electromagnetic Pulses and sophisticated logic bombs may
be responsible.

At InfoWarCon II, Montreal Canada, I made reference to investigations I
was conducting regarding concerted and organized attacks on up to 43
financial institutions in Europe and the US; an example of Class III
Information Warfare.  This issue of London Sunday Times brings a
glimpse of the story that will eventually be told.

The first attack in my files dates to January 6, 1993. A trading house
in London was blackmailed into paying L10 million to unknown
extortionists who demonstrated they could crash the company's computers
at will. The next incident in the Times article is also in my files:
January 14, 1993 where similar demonstrations and demands were made for
this time L12.5 million. And so is the next, January 29, 1993 and
another L10 million siphoned off by the bad guys. According to my
figures and those in the Times article, hundreds of millions of pounds
have been paid ransom in what is clearly an example of Class III
Information Warfare.

According to officials in Washington, Whitehall, London, City of London
Police, the National Security Agency, Kroll Associates, Bank of
England and others (in the article) the threats are credible. The
attackers have the clear ability to bring trading and financial
operations to a halt - exactly when they say they will. "Banks,
brokerage firms and investment houses in America have also secretly
paid ransom to prevent costly computer meltdowns and a collapse in the
confidence among their customers," sources said in the article.

The article discussed the advanced information warfare techniques used
by the perpetrators. "According to the American National Security
Agency (NSA), they have penetrated computer systems using 'logic bombs'
(coded devices that can be remotely detonated), electromagnetic pulses
and 'high emission radio frequency guns' which blow a devastating
electronic 'wind' through the computer systems." [For a complete
description of HERF Guns (coined by Schwartau in 1990), see
"Information Warfare: Chaos on the Electronic Superhighway," Thunders
Mouth Press, 1994]

The perpetrators have also left encrypted messages, apparently
bypassing the highest security levels of the systems, leaving messages
such as "Now do you believe we can destroy your computers?" The NSA and
other officials believe that four gangs are involved; probably one from
the US and probably one from Russia.  But, because the crimes are
international, national borders still prevail, making investigation
more difficult. Investigations and official inquiries have been in
progress for some time according to the article.

Now, for a few things you will not see in the article, but will
hopefully [if I am lucky] come out in the near future. The number of
attacks is way above 40.  They have been known about for almost three
years, but only recently have people been willing to come out of the
closet and discuss this highly sensitive issue with the media. Long
briefs and analyses of these events have been submitted to high level
officials and select business persons for at least a year, but to no
avail. [Security by obscurity reigns all too often.] Banking is not the
only industry that has been attacked and the attacks have been spread
around Europe as well as Australia.

As an industry many of us have said that the only way something will
really be done is if we experience a Computer Chernobyl [Peter Neumann
Phrase as I recall] or as I first said in Congressional Testimony, An
Electronic Pearl Harbor. Are these events the harbinger of strong
reaction by the community at large? As events unfold and more
information is permitted to be disseminated over the next few days and
weeks, we will see.

We have essentially solved the issues of confidentiality and integrity.
But, I have maintained that the real problem is going to be Denial of
Service. These events are unfortunate, but clear examples of that
reality.

A Bank of England official also said of the incidents, "it is not the
biggest issue in the banking market."  Hmmm. I have to think about
that.

--
Winn Schwartau - Interpact, Inc.
Information Warfare and InfoSec
V: 813.393.6600 / F: 813.393.6361
Winn@InfoWar.Com


------------------------------

From: mds@access.digex.net
Date: 01 Jun 1996 07:29:03 GMT
Subject: Re: Credit Cards with Internet Fraud Insurance
Organization: Wilkinson, Barker, Knauer & Quinn
References: <comp-privacy8.42.14@cs.uwm.edu>

    wbe@psr.com (Winston Edmond) writes: A few weeks ago, I got a piece
    of junk mail asking me to apply for a VISA card.  What made the
    offer unique was that it had the word WEB in big letters on the
    outside envelope...  (Sorry, no, I don't have the name of the bank
    any more.  It was a U.S.  bank and looked like a nationwide mailing
    to me, so maybe others will get a solicitation, too.)

I got the same mailing. It was a bank subsidiary of Block Financial
Co., which is presumably related to H&R Block, owner of Compuserve.

===========================================================================
Michael D. Sullivan, Bethesda, MD (USA)         email: mds@access.digex.net
      Also online as avogadro@well.com and 71460.1134@compuserve.com
===========================================================================


------------------------------

From: arlenelea@aol.com (Arlene Lea)
Date: 02 Jun 1996 15:49:34 -0400
Subject: Re: Credit Cards with Internet Fraud Insurance
Organization: America Online, Inc. (1-800-827-6364)
References: <comp-privacy8.44.6@cs.uwm.edu>

Got a call from Discover asking if we had been charging (almost to the
max) in San Diego that day.  Since I was in LA and my hubby was in
Sacramento, you know what had happened.  Interestingly, we both had our
cards and had not used Discover over the net.  It seems some sales
person either gave the number out or threw away a receipt of some kind
letting someone else get our number, print it on a blank card and then
use the new card.

When we got the new ones, there was a sticker saying to call in to
activate the cards.  Called the number, was told by a computer voice to
punch in the card number and that's it.  No questions of social security
number, date of birth, mother's maiden name, *nothing* - just a
computer voice saying punch in the numbers.

You can be sure we called and complained the next working day to a
human - we got NO satisfaction, but at least we complained.  So much
for safety in having to activate the cards, any idiot could read the
number off the card.

Arlene Lea @aol.com
All I know is, the choices we make dictate the life we lead.
"To thine own self be true."

[moderator:  I just got a card from the Web Conductor (Block
Financial).  They asked me to key in the card number and then a part
of my socsocno.  They said this was needed to "activate" the card.]


------------------------------

From: Joseph Seanor <cibir@netcom.com>
Date: 31 May 1996 15:22:31 -0700 (PDT)
Subject: Private-Eye Mailing list

If you are a Private Investigator, Detective, or Security person, or
just interested in Private Investigations join the Private-Eye mailing
list.  The cost is FREE and to join send email to:

	Private-Eye-Request@netcom.com

in the body:

	subscribe private-eye your name

Joseph Seanor
CIBIR Corporation
cibir@netcom.com


------------------------------

From: benson@sorted.com (E. Benson)
Date: 02 Jun 1996 20:26:01 GMT
Subject: Electronic Privacy, Security Journal to Premier June 1
Organization: sorted - electronic issues on an insecure planet

Electronic privacy, security journal to premier June 1

"sorted," a journal of electronic issues on an insecure planet, will
debut on the World Wide Web June 1, 1996. Located at
"http://www.sorted.com", the journal will address issues related to
electronic privacy, wiretapping, surveillance, encryption, the V-Chip
and Clipper Chip, and related issues.

Issue No. 1 contains feature articles by internationally known author
and NPR commentator Andrei Codrescu and computer privacy consultant and
Private Idaho author Joel McNamara.

The journal also features an FTP site which includes a full mirror of
Cypherpunks PGP archive and related files. The address is
"ftp.sorted.com/pub/encryption".


------------------------------

From: Larry Richard <olexpo96@aol.com>
Date: 03 Jun 1996 14:39:01 -0700
Subject: Growing the new Technology Concern
Organization: OnLine Expo 96

It's no secret that Wall Street has a keen eye squarely focused on the
new and emerging technology sector. Correspondingly, there's no
shortage of creative and dynamic talent with business applications,
products and services seeking appropriate funding to take their
business operations to the next level.  ONLINE EXPO '96 brings together
respected members of the investment banking, venture capital, and
financial services firms to host a series of panel presentations, as
well as a "meet and greet" session so that entrepreneurs and investors
can exchange ideas, business plans, and advice, and to share ways to
use the ONLINE EXPO '96 AT SAN FRANCISCO EXPOSITION CENTER JULY 11-13
(http://www.onlineexpo.com)  --email: olexpo96@aol.com


------------------------------

From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 31 May 1996 09:14:50 -0600 (CST)
Subject: Info on CPD [unchanged since 11/22/95]
Organization: University of Wisconsin-Milwaukee

The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa.  The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.

This digest is a forum with information contributed via Internet
eMail.  Those who understand the technology also understand the ease of
forgery in this very free medium.  Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top.  Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting.  He will comply.

If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution.  As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.

On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute.  If you
do so, it is best to modify the "Subject:" line of your mailing.

Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored.  They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious.  Diversity is welcome, but not personal attacks.  Do
not include entire previous messages in responses to them.  Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks.  Anonymized mail is not accepted.  All
contributions considered as personal comments; usual disclaimers
apply.  All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy,
publications using CPD material should obtain permission from the
contributors.

Contributions generally are acknowledged within 24 hours of
submission.  If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the Subject: line of an article in order to make it
easier for the reader to follow a discussion.  He will not, however,
alter or edit the text except for purely technical reasons.

A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite.  The archives
are in the directory "pub/comp-privacy".

People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.

Web browsers will find it at gopher://gopher.cs.uwm.edu.

 ---------------------------------+-----------------------------------------
Leonard P. Levine                 | Moderator of:     Computer Privacy Digest
Professor of Computer Science     |                  and comp.society.privacy
University of Wisconsin-Milwaukee | Post:                comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201       | Information: comp-privacy-request@uwm.edu
                                  | Gopher:                 gopher.cs.uwm.edu 
levine@cs.uwm.edu                 | Web:           gopher://gopher.cs.uwm.edu
 ---------------------------------+-----------------------------------------


------------------------------

End of Computer Privacy Digest V8 #045
******************************