Date: Sun, 07 Jul 96 09:59:00 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V9#002 Computer Privacy Digest Sun, 07 Jul 96 Volume 9 : Issue: 002 Today's Topics: Moderator: Leonard P. Levine Re: Cookies Re: Cookies AOL Now Polices Private Rooms Re: Privacy while Downloading from Newsgroup How an Innocent Download Can Lead to Prosecution DENVER POST: Student Database Called Orwellian Automation of Contagion Vigilance - Draft ready Vein Pattern Checking -- Anti-Fraud or Anti-Freedom? Info on CPD [unchanged since 11/22/95] ---------------------------------------------------------------------- From: wrfuse@mab.ecse.rpi.edu (Wm. Randolph U Franklin) Date: 04 Jul 1996 00:32:08 GMT Subject: Re: Cookies Organization: ECSE Dept, Rensselaer Polytechnic Institute, Troy, NY, 12180 USA References: Here's an analogy that might help us explain to nontechnical people why we don't like some of cookies' uses. Remember the survey forms that you get in the mail to fill out and return? Altho nothing is promised, you can see that your response is anonymous; neither your name nor any identification info is to be seen on the form that you return. Well... it seems that some of these forms have your identification on them in invisible ink. I believe that the Scientific American did this once (and was roundly slammed and promised to stop). Cookies are like this. They secretly link in info about previous places that you visited, which they don't tell you that they're doing, and which you would have no reason to suspect that they're doing. -- wrfuse@mab.ecse.rpi.edu (Wm. Randolph U Franklin) ------------------------------ From: "Prof. L. P. Levine" Date: 05 Jul 1996 15:03:57 -0500 (CDT) Subject: Re: Cookies Organization: University of Wisconsin-Milwaukee Discussion of "They Know Who you Are" By Hiawatha Bray of The Boston Globe In a copyrighted article for the New York Times News Service Hoawatha Bray shows a feature of many of our browsers. In the article he states: For a stark and surprising illustration of the problem, point your Internet browser at this address: http://www.13x.com/cgi-bin/cdt/snoop.pl. Here you'll find a Web page operated by the Center for Democracy and Technology, an Internet civil liberties group that has come up with a disturbing lesson in the power of technology. Here you'll get a report on the type of browsing software you're using, the resolution settings of your computer's monitor, the Internet access service you're using, the general part of the country you're located -- perhaps even a little map of the state. If your software allows it, the CDT Web page can even tell you the address of the last Web page you visited. You've revealed all of this, just by visiting the page. It gets better -- or worse, depending on how much you value your privacy. Once you're done, check your electronic mail box. There may be a message waiting for you there, sent from the folks at CDT. Certain browsers, like Netscape 2.0, will reveal the user's e-mail address to any Web site designer who bothers to ask. And the site operator can share your address with anyone he or she chooses. Hiawatha Bray is a member of the Globe staff. You can contact him by electronic mail at bray@globe.com. When I viewed the site above I saw text like the following: Your computer is a PC running Windows 95. Your Internet browser is Netscape. You are coming from blatz.cs.uwm.edu. Another web site that does innocently playes similar games is: http://www.illuminatus.com/cookie who give you a cookie and tells you how many times you have visited the site. These are innocent examples of what is being done now by browsers. -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-2769 Box 784, Milwaukee, WI 53201 PGP Public Key: finger llevine@blatz.cs.uwm.edu ------------------------------ From: "Prof. L. P. Levine" Date: 06 Jul 1996 11:30:37 -0500 (CDT) Subject: AOL Now Polices Private Rooms Organization: University of Wisconsin-Milwaukee Taken from fight-censorship-digest Friday, 5 July 1996 01:161 This was reported as coming from an alt. newsgroup. Note that it requires that if a person visits (by accident or otherwise) a chat room where illegal activity (such as distribution of illegal software) goes on the person will lose their AOL account. The email letter indicates quite strongly that if you have entered such a room you better inform the Community Action Team immediately with the 'or else' indicated by implication. Len Levine; UWM EE&CS Department Newsgroups: alt.aol-sucks Subject: AOL Now Polices Private Rooms from: never@dave-world.net (BANE) Organization: Your Organization Date: 03 Jul 96 04:06:21 GMT After being kicked out of the private room warez2 by an aol staffer here is the letter they sent me. Subj: TOS Violation Report Date: 96-07-02 00:45:49 EDT From: CATWatch05 To: Han1234567 Dear Member, This e-mail has been sent to all of your screen names. If you have already read it under another screen name, please disregard this copy. A screen name associated with your master account recently entered the chat room warez2 This chat room is reportedly being used to illegally trade software in violation of U.S. law and AOL=EDs Terms of Service. In accordance with our Terms of Service, AOL reserves the right to treat as public any private chat room whose directory or room name is published or becomes generally known or available. Please be advised that members found in these rooms may lose their AOL membership without further warning. If you entered this room in response to offers of "free online time", "upgrades of AOL" or the like, you should be aware that these offers are fraudulent. AOL does not issue credit through private rooms, and upgrades of our software are only available in designated free areas of AOL. If you come across any of these false offers, we would appreciate it if you would report them to the Community Action Team (keyword:TOS). If you believe you have entered such a room by accident, please contact the Community Action Team as soon as possible (keyword:TOS). We remind you that the AOL community depends on our members abiding by our community rules. If you are unfamiliar with these rules, please take the time to read AOL=EDs Terms of Service, which is always available free online by going to keyword "TOS". If you have any questions or comments regarding this situation, please feel free to contact us at the screen name TOSEMAIL1. Regards, The Community Action Team America Online, Inc. -- Leonard P. Levine e-mail levine@cs.uwm.edu Professor, Computer Science Office 1-414-229-5170 University of Wisconsin-Milwaukee Fax 1-414-229-2769 Box 784, Milwaukee, WI 53201 PGP Public Key: finger llevine@blatz.cs.uwm.edu ------------------------------ From: Dick Mills Date: 04 Jul 1996 09:40:40 -0400 Subject: Re: Privacy while Downloading from Newsgroup Steve Hunter wrote O.K. so, let's say I've downloaded the plans for a nuclear device from my PC based system. (PC at home directly my server account. I don't know if that's IP, TCP, ISP, BBC or B.B. King) No shell, no employer, just me and my faithful PC. Can I expect the FBI at my door tomorrow morning asking to see my A-Bomb, please?" The previous poster acar@vcn.bc.ca (Al Acar) described three ways your privacy can be compromised and said that he was sure there are more. Indeed there are. There are so many ways to be tripped up and have the computer betray your privacy we can't imagine them all. Here's a few more. a)A man in Syracuse NY sent his broken PC out for repair. The repairman found kiddie porn on his hard disk and called the FBI. The man was convicted. b)I asked my own attorney what he did about repairmen and his office computers containing my files. He replied, "I never thought about that." c)A few years ago there were rumors (I don't know if they were true) that Sun workstations were shipped with the microphone enabled by default. Savy hackers around the world could eavesdrop on conversations in the rooms with these workstations. d)Shimomura, the "foremost security expert" who tracked down and caught Kevin Mitnick was looking because Mitnick had compromised Shimomura's security. Eventually, via encryption technologies, computers will become our number one tool for protecting our privacy. For now though, computers, especially in connection with the Internet, are your biggest threat. Here' my advice. If you want to engage in anything illegal, immoral or fattening, or just private, don't do it on, with, or even in the same room as any computer. For heavan's sake, don't do it on the Internet. Unfortunately that may include discussions with your banker, your lawyer, and your doctor. I sincerely hope that technolgy in combination with some carefully chosen legislation may someday improve this intolerable situation, but for today, that's the way it is. For now, consider everything you do on the Internet completely public. Your illusion of privacy surfing the net from your your own bedroom late at night with the door closed is just an illusion. The FTI might not be there tomorrow, but your risk of exposure lasts for years and years. -- Dick Mills O- http://www.albany.net/~dmills dmills@albany.net AKA rj.mills@pti-us.com ------------------------------ From: dwwrmk@teleport.com (dww) Date: 05 Jul 1996 19:46:15 -0700 Subject: How an Innocent Download Can Lead to Prosecution Organization: Teleport - Portland's Public Access (503) 220-1016 This website discusses what happened when a disgruntled 'friend' convinced the Washington State Police to investigate a college teacher for felonious possession of images downloaded from newsgroups. It includes a description of what happened, some newspaper articles about the case, how people can help, the latest update on the case, a pointer to other news of a similar case, and a pointer to a general news page. -- dwwrmk@teleport.com ------------------------------ From: Peter Marshall Date: 04 Jul 1996 11:24:04 -0700 (PDT) Subject: DENVER POST: Student Database Called Orwellian distributed with permission of THE DENVER POST. URL: "www.denverpost.com". ---------- Begin Forwarded message ---------- Student database called Orwellian Colo. plan a threat to privacy, critics say Janet Bingham Denver Post Education Writer 06/30/96 Denver Post A-01 (Copyright 1996) Imagine a researcher punching a button on a computer and pulling up most of your child's school history without your consent - schools attended, disciplinary records, physical or emotional disabilities and more. It could happen under proposals before the Colorado Board of Education that for the first time would centralize certain information about Colorado's 656,000 public school students. Districts would furnish the information via the Internet to the education department, accompanied by student name and Social Security or other identifying number. [....] Colorado is among a growing number of states that are creating electronic networks for student records. Both critics and advocates foresee the evolution of a national network that would allow electronic exchange of records among schools, social services, health and law enforcement agencies, colleges, the military and even employers. But some fear that even the embryonic system being proposed in Colorado could threaten privacy; they say legal loopholes open the possibility that personal information could be collected and shared without the consent of students and their parents. "Brick by innocent brick, the edifice of lifelong electronic student dossiers is being constructed without any recognition by the general public of what is being done," wrote Gordon Cook, a New Jersey-based privacy advocate, in a recent report. Cook publishes a newsletter and reports on privacy issues on the Internet. "Privacy issues are debated politely from the sidelines," Cook wrote, "while the technology juggernaut moves inexorably forward as children entering kindergarten are asked for their Social Security numbers." [....] Others remain wary: "I'm an advocate of data banks and using the power of technology to work through a lot of the paper shuffling we used to do," said Dick Weber, head of the Colorado Association of School Executives. "But there's a limit here. When it moves to individualizing and centralizing personal data by name and Social Security number, I have a problem with that," he said. "When you start tracking people from district to district or place to place, you have a point of intrusion into people's lives that I would have difficulty with. ... It starts to smack of Orwell a little too much." [....] Information would include emotional, physical or mental disorders that result in a child's placement in special education programs; participation in gifted and talented or remedial programs; expulsion and suspension history; type of school attended; transfer to or from a private school or home school; residence in mental health, correctional or detention facilities; or other factors indicating whether a student attends his normal district school. The names and identification numbers would allow a central computer to track individual students from year to year, from school to school and from district to district. [....] State board of education member Patti Johnson doesn't oppose letting districts send statistical summaries electronically to the department. But she said that can be done without including student identification. She would let schools send student records electronically to other schools - but only with family consent. "Individual data should not be released outside the building unless the student or parent requests it," said Johnson, who is a parent. [....] Individual student records are protected under federal privacy laws and cannot be made available to the public without parental consent. But a student's disciplinary records may now be shared with officials in other educational institutions without parental notification. And critics noted that privacy laws already permit other exceptions: School records can be disclosed without parental consent to school accrediting agencies and organizations "conducting studies on behalf of education agencies or institutions. The records can also be released without consent to another school, school district or postsecondary institution where th student was enrolled or intends to enroll; agencies in the state's juvenile justice system; "authorized representatives" of the U.S. comptroller general, the U.S. secretary of education and the state department of education; and state education officials "with a legitimate educational interest in the records." Critics say that list can be broadly interpreted. But the state board could adopt its own, more restrictive policy, Johnson said. nformation has historically been difficult to collect because it was scattered and reports weren't standardized, so large-scale breaches of privacy were rare. "The more people who have access to such information, the more chances for breaches of confidentiality," Johnson said. Even the consulting firm that recommended a centralized data system for Colorado and several other states acknowledges that the growing practice of using Social Security numbers to identify students poses a danger. There is "the potential for developing a database that contains massive amounts of information, making individuals subject to computerized matches and searches without their awareness or consent," said the report from CTMG Inc. A parent cannot legally be required to give a student's Social Security number; the state would have to come up with an alternate identification number for those who decline. [....] But Weber warns of letting students "be dogged by an electronic pit bull" - a record that follows them forever and may limit their ability to start over in a new environment. In Seattle, privacy advocate Janeane Dubuar worries about where student information ends up. In that state, she said, high school graduates from 36 school districts are being tracked into college, the military and the workplace - without their consent - using Social Security numbers. Dubuar, a member of the Seattle Chapter of Computer Professionals for Social Responsibility, also points to an incident in Kennewick, Wash. Behavioral information on 4,000 children was sent, with names, to a psychiatric care center that contracted with the district to screen for "at-risk" students who might benefit from its programs. The data, she said, was sent without parents' knowledge. Colorado board member Johnson wants to make sure similar things can't happen here. "If Colorado is to be in the forefront of computerized data exchange in order to streamline the process of budgeting and reporting, it must also be in the forefront of concerns about our right to privacy." ---------- End Forwarded message ---------- ------------------------------ From: DavidS@dk-online.dk (David Stodolsky) Date: 04 Jul 1996 23:27:18 +0200 Subject: Automation of Contagion Vigilance - Draft ready I now have ready a prepublication draft of "Automation of Contagion Vigilance", which will appear in Methods of Information in Medicine. The paper is directed toward the AIDS problem, but the approach is also applicable to computer viruses and other contagion type processes. Requests for the lastest version go to: DavidS@dk-online.dk -- Automation of Contagion Vigilance David Stodolsky DavidS@dk-online.dk Abstract The very long latency between HIV infection and the appearance of AIDS imposes extensive information processing requirements on partner notification efforts. The apparently contradictory needs of maintaining the right to privacy of infected persons, while simultaneously providing information to persons at risk of infection, impose severe security requirements. These requirements can be satisfied by a Contagion Management System based upon networked personal computers of a kind now becoming available. Security of information is based upon cryptographic protocols that implement anonymous partner notification (contact tracing) and privacy preserving negotiation. The proposed scheme has the following properties: (a) Contact tracing is automated, (b) contacts remain anonymous, (c) sensitive information is kept private, and (d) risk-conscious users act as if sensitive information was public. Optimal health protection can thus be obtained while securing informational rights. Here are main and sub headings for the files with page numbers (double spaced lines): 1) Automation of Contagion Vigilance Document Structure 4 Definitions 5 Individual Rights and Public Health 8 Partner Notification using Distributed Databases 10 Classes of Transmissible Agents 11 Informational agents demanding attention 11 Informational agents processible by machine 12 Communicating Diagnostic Information 13 Anonymous partner notification 13 Secure partner notification 17 Secure and anonymous partner notification 19 Possible Application Development 23 Rationale and Summary 25 2) Appendix: Privacy Preserving Negotiation. Conditional Privacy 1 Single Stage Models 2 An ideal physical model 3 Asymptotically secure models 3 Amount of information released 4 Protocol implementation. 5 A Multistage Model 6 Risk of Compromise 10 ------------------------------ From: taxhaven@ix.netcom.com (Adam Starchild ) Date: 05 Jul 1996 11:45:59 GMT Subject: Vein Pattern Checking -- Anti-Fraud or Anti-Freedom? Organization: Netcom Vein Pattern Checking -- Anti-Fraud or Anti-Freedom? We continue our look at the growing field of Biometry, the statistical analysis of biological data. The cashpoint machine (ATM) is rapidly turning into Big Brother's testing ground for all manner of intrusive surveillance and detection devices. The latest biometric project on the drawing board is vein-pattern checking. Once again masquerading as an anti-fraud precaution, this pointless device will scan a persons' hand as they insert their card into the machine. By checking for unique patterns of veins buried just beneath the skin's surface, the machine will be able to tell if the card is being used by its true owner. The Mouse does not have at its disposal, statistics showing exactly how ATM machines are used fraudulently. However, common sense begs the question, what is the point in all this? The vast majority of non-violent ATM fraud must occur when people are foolish enough to leave their PIN in their wallet or, worse still, written on their card! These people don't deserve to be 'nannied' by the system. Having their money fraudulently withdrawn serves as a valuable lesson not to be so careless in future. The victims of violent ATM fraud are usually frog- marched at knifepoint to the ATM, where they will use their own hand to insert their own card - how does vein-pattern checking solve this one? Then there's the other type of victim who is forced to reveal their PIN under duress before the crook runs off with their cashcard. The recent case in Britain of the London police-mechanic, Alan Holmes, demonstrates the lengths that crooks will go to for minuscule sums of money. The victim was tied to his own bed and forced to reveal his PIN numbers to his attackers. The thieves fled with his cards and withdrew 1200 pounds from the man's credit and current accounts. The crooks did not bother to inform anyone that Mr Holmes was tied to his bed. He died of dehydration after laying undiscovered for 10 days. If criminals are prepared to kill for a few hundred pounds, surely they won't be adverse to cutting off a person's hand and taking it to the cashpoint? This plot is thinly veiled. By installing biometric devices at such vital points as ATMs, which practically everyone uses, you develop a database of biometric information. Such information could never be gleaned by telling the truth. "We want to form a police-state where we can keep tabs on everyone and everything. In order to do this we need to be able to identify everyone at the push of a button. Please supply us with your fingerprints, retinal scans and a vein-pattern. Thank you." Not likely is it? Though they still mange to get the sheep to hand over such information by disguising it as anti-fraud measures. Reprinted with permission from The Mouse Monitor, May, 1996, a magazine for the customers of Scope International, whose website is at http://www.britnet.co.uk/scope Posted by Adam Starchild The Offshore Entrepreneur at http://www.au.com/offshore ------------------------------ From: "Prof. L. P. Levine" Date: 07 Jul 1996 09:19:56 -0500 (CDT) Subject: Info on CPD [unchanged since 11/22/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V9 #002 ****************************** .