Date: Tue, 07 Dec 93 15:22:24 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V4#004 Computer Privacy Digest Tue, 07 Dec 93 Volume 4 : Issue: 004 Today's Topics: Moderator: Leonard P. Levine HELP! Need responses to survey on net privacy Is PGP really Uncrackable? Re: Right To Search Floppy Disks? Re: Right To Search Floppy Disks? Re: Right To Search Floppy Disks? Re: Is there an effective way to stop junk phone calls? Re: CPSR Alert 2.06 Re: The Club The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: mdsp_ltd@uhura.cc.rochester.edu (Pooch) Subject: HELP! Need responses to survey on net privacy Date: Sat, 4 Dec 93 19:19:20 GMT Organization: University of Rochester - Rochester, New York I am looking (again) to survey the net for a class that I am taking on engineering ethics. I have a couple of questions that I'd like to hear the net's responces to. They are not necessarily real situations, although in some cases they are. Please E-mail your responses to mdsp_ltd@uhura.cc.rochester.edu. Since the semester is nearlly over, please answer soon. ---------------------------------------------------------------------------- 1) A system administrator publically states that he will not read any user's account on the system for any reason. Several users have requested that PGP (Pretty Good Protection) encryption be installed on the system, but the sys-admin says that he will not install it, and any user found using it will' have his/her account locked. The reasoning is that since the sys-admin will not read any mail or user's accoints, that it is not needed except to use for illegal reasons. 2) A system administrator maintains a list or real user's names in a publicaly accessable file. Users of this system almost never use their real names as finger names. Should this file remain publically readable, or is this an invasion of privacy? 3) Should the internet be regulated? 4) Is the internet, in your opinion, owned by anyone? 5) A certain information service uses it's own custom software in lieu of a normal terminal program. This software, on startup, reads the contents of the user's hard drive, and sends a list of software to the system every time the user logs in. Comment on this. This service then sends a copy of this information to advertisers and a governmental software piracy group. Comment on this? 6) Should anonymous mail be permitted? Should it be condoned? Should it be prohibited by a sys-admin? ----------------------------------------------------------------------------- Thank you for all of your responses to these questions. These surveys will be used for a class report. I will report the results here however. The names of respondees will not be used. Once again, please E-mail responses to mdsp_ltd@uhura.cc.rochester.edu Thanks! +-------------------------------------------------------------------------+ | Marc D. Spencer, C.E. WRUR-FM | Technology is a way of organizing | | mdsp_ltd@uhura.cc.rochester.edu | the universe so that man doesn't | | | have to experience it -Frisch | +-------------------------------------------------------------------------+ ------------------------------ From: Chris Burris Subject: Is PGP really Uncrackable? Date: Sat, 4 Dec 1993 18:00:22 -0500 (EST) I have heard recently that the author of PGP was forced by the NSA to insert a trapdoor into PGP. He was allegedly charged with traffiking narcotics and the NSA forced him to put the trapdoor into PGP as plea bargain. Is this true? ------------------------------ From: nevin@cs.arizona.edu (Nevin Liber) Subject: Re: Right To Search Floppy Disks? Date: 4 Dec 1993 14:46:09 -0700 Organization: University of Arizona CS Department, Tucson AZ In article , Dick Murtagh (8-465-4916) wrote: >Disclaimer: I am not a lawyer. Do not take this as legal advice : >It's a matter of who owns the disks. Are they borrowed from the school >or were they purchased by the student ? If they belong to the school, >then the school can search them at any time (like the lockers). So, if I borrow a sheet of paper from a friend, that friend "owns" whatever I have written on it?? I do not believe that that is a reasonable expectation. If it is, I'll loan all my favorite authors all the paper they want. :-_ -- Nevin ":-)" Liber nevin@cs.arizona.edu (602) 293-2799 ------------------------------ From: Justin Fidler Subject: Re: Right To Search Floppy Disks? Date: Sat, 4 Dec 1993 17:30:23 -0500 (EST) Let me clarify a few things from my original post about searching floppy disks: > From: ranck@joesbar.cc.vt.edu (Wm. L. Ranck) > As far as the floppy disks that the original poster asked about, who knows. > Do they belong to the school (as lockers do) or did the person own them? It's a bit of a unique situation. Students purchase the disks from the school for $1.00 or may bring in their own. The student must keep this disk in a classroom disk box that the school provides that is locked at the end of the class. The reason for not letting students to take disks home, they claim, is that students could bring viruses onto the network. > From: craffert@nostril.lehman.com (Colin Owen Rafferty) > It seems to me more closely comparable to looking in a student's > locker, or through his/her book bag. Actually, there is a distinct difference. Because lockers are school property, the school administration may search them at will (they also announce this at the beginning of each year), while a little more justification is needed to search a student's bookbag, which is the student's property. > This is why everything personal that you have should be encrypted. > Everything. One problem with this at the particular school in question: any student found in DOS will be immediately suspended from using computers at the school. If an encyrption program can't be run, things can't be encrypted. Justin Fidler ------------------------------ From: Chris Burris Subject: Re: Right To Search Floppy Disks? Date: Sat, 4 Dec 1993 18:11:31 -0500 (EST) > Justin Fidler writes : > > Does anyone know of the legal issues involved when a public high school > searches the floppy disks of a student? I have witnessed an incident > where a school administration has gone to the effort of undeleting files > and then using the information found in these undeleted files against a > student. It seems to me this would be comparable to the police searching > through a person's garbage. Any ideas? School administrations are not on the legal level and therefore they have the ability to conduct searches which may seem legal. Students(minors) have different rights that apply then adults do. I have had several occasions where the administration used some undeleted files as evidence to have me suspended. Also as to whether the school system has the right to search a persons disk: Although a disk may be the property of the user, the school administration will usually say that since the disk is being used on a school machine it has to be searched. This pertains not only to the threat of a virus being introduced to the system but the fact that legally-questionably material may be contained on the disk. I know that the administration of my school not only checks for virii but for questionably material. ------------------------------ From: dpbsmith@world.std.com (Daniel P. B. Smith) Subject: Re: Is there an effective way to stop junk phone calls? Date: Sat, 4 Dec 1993 16:12:10 GMT Organization: The World Public Access UNIX, Brookline, MA In article pete ritter writes: >In article amyh@tc.fluke.COM (Amy Heidner) writes: > >At long last, federal law now requires telemarketers to remove from their >call lists, anyone who requests it. The law also requires them to give >the name of the telemarketing firm, its address and telephone number if >you request it. > >The next time I get a telemarketing call, I will ask for both. I will >check out the info I am given. If the info does not check out, >the telemarketer has violated federal law, and I will demand the that the >FBI and the federal prosecuter pursue prosecution. But how do I do this with computer-placed glorified answering machines? I have, in fact, tried leaving messages asking for the firms' identity -- "If you want more information on how YOU can save money on life insurance, please leave your name at the tone"/"Hello-I'm-Dan-Smith-and-I-want-your- name-address-and-telephone-number-which-I'm-entitled-to-by-Federal-law-please- call-me-at-XXX-YYY-ZZZZ-with-that-information." I hardly need tell you I don't get any response. The requirement that I get TWO calls before anyone takes action is a problem, too. The problem is with the calls I get COLLECTIVELY, not the number of calls from any particular single telemarketer individually. -- Daniel P. B. Smith dpbsmith@world.std.com ------------------------------ From: steve@owlnet.rice.edu (Steven Minor McClure) Subject: Re: CPSR Alert 2.06 Date: Sun, 5 Dec 1993 04:26:15 GMT Organization: Rice University Did Sen. Simon actually get up and say this in front of the Senate, or was this just turned in to the GPO as what is referred to as an "extension", by which any Congresscritter can put anything they want into the record? In article Monty Solomon writes: >...============================================================= > Volume 2.06 December 1, 1993 > ------------------------------------------------------------- >[1] Senator Simon Introduces Major Privacy Bill >... >[2] Senator Simon's Statement on Introduction > (From the Congressional Record, November 19, 1993) > >Mr. Simon. "Mr. President,..... ------------------------------ From: tosh!starta@enuucp.eas.asu.edu (John Starta) Subject: Re: The Club Date: Sun, 5 Dec 93 11:32:46 -0700 In walls@oms24.cfsat.honeywell.com (Gerald Walls) writes: >The makers of The Club have a set up a number (800) 633-CLUB that you >are supposed to call to report the license plate number of a car >registered in your state that has The Club in it. This enters you >into a drawing where they will award 50 $100 prizes. You can only >enter once. What is the purpose of the 800 number? I assume that it's some lame form of product registeration because calling Winer International, makers of The Club, is the furthest from my mind if I see a vehicle being DRIVEN with The Club on it. What angers me more than Winer International using this technique of product registeration is Motor Vehicle departments around the country allowing illegitimate access [to vehicle records] like this. john -- *** PHOENIX SUNS * 1993 WESTERN CONFERENCE CHAMPIONS * PHOENIX SUNS *** ------------------------------ End of Computer Privacy Digest V4 #004 ****************************** .