Date: Tue, 09 Jun 92 09:04:55 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#045 Computer Privacy Digest Tue, 09 Jun 92 Volume 1 : Issue: 045 Today's Topics: Moderator: Dennis G. Rears Cordless Phones Cordless Phones Photo-Credit Cards Re: is personal privacy overrated ? Re: Privacy and blood The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- Subject: Cordless Phones Date: Mon, 8 Jun 92 13:07:33 EST From: Rob Schultz <> <> In article Webbge@che19.ncsu.edu (Greg Earl Webb) writes: >The nice thing about a 10-channel phone is that there is a GOOD chance >that someone in the neighborhood will have the same channel. These means >you can wal around the neighborhood until you find someone with the same >channel and bingo.... Free phone calls. Actually, the model that I have has a "security" feature that prevents the phone from setting up a call between the base and a foreign phone (and presumably between the phone and a foreign base - I haven't tried either one). The handset has an switch on it which changes the authorization code between the base and the handset. The handset must be replaced on the base anytime the switch is changed, in order to sync up the two codes. I believe (not sure) that the phone also generates a pseudo-random authorization code for use in cunjunction with the switch. I will try to find my manuals at lunch and get some more information on this. -- Rob Schultz At Home: At work: +1 219 262 7206 rms@andria.miles.com rms@miles.com {uunet|iuvax}!nstar!miles!andria!rms {uunet|iuvax}!nstar!miles!rms ------------------------------ Subject: Cordless Phones Date: Mon, 8 Jun 92 13:13:02 EST From: Rob Schultz Ok, I went home at lunch and read through the users manual for my Panasonic 10-channel cordless phone. Apparently, the only authorization codes are the switch. The handset must be on the base unity for 10 seconds for the change to take effect. There is a lock-out on dialing when the handset is on the base unit to prevent an unauthorized handset with the same security code from accessing the line. The manual did not say anything about locking out incoming calls, however. So, I would presume it might be possible for an unauthorized handset to intercept an incoming call even when the handset is on the base unit. The challenge would be for the interceptor to determine when a call is coming in. -- Rob Schultz At Home: At work: +1 219 262 7206 rms@andria.miles.com rms@miles.com {uunet|iuvax}!nstar!miles!andria!rms {uunet|iuvax}!nstar!miles!rms ------------------------------ Subject: Photo-Credit Cards Date: Mon, 8 Jun 92 13:38:03 EST From: Rob Schultz From a blurb at the bottom of my last Citibank Visa statement: For added security, you can now put your photo on your Citibank Visa card. This new feature is available to you at no extra cost. You will be receiving a special postage-paid mailer soon. Also included in the statement was a PP mailer with the following blurb: Put your photo on your Citibank Classic card for the ultimate in security, at no extra cost. Send us your photo today! This new security feature can help prevent fraudulent use of your Citibank Classic card if it's ever lost or stolen. It also makes a great form of photo ID. Get added security and extra peace of mind...send in your photo today! Just follow these three easy steps: ->1. Choose a _recent_ color snapshot, portrait or passport photo. Your photo should show a sharp, full front view of your head and shoulders, something like the picture shown here. ->2. Trim your photo to about 2" square. Using the picture as a guide, trim your photo so it measures about 2 inches high by 2 inches wide. Make sure the bottom of your chin and the top of your head aren't cut off! ->2. Affix your photo below and return this handy postage-paid mailer. Your new Citibank Classic photo card will be sent to your billing address about four weeks after we receive your picture! Do not send your Citibank Classic card with your photo -- you can keep using it until your new photo card arrives. The card has a space for name/address/SSN/Card numbers affected. The card also has a space for your signature, with the following legend below it: PLEASE SIGN WITHIN BOX (Required) By signing above I certify that this is a picture of me, as named above. For additional cardmembers who would like to add photos to their cards: Indicate the number of photo card applications needed (one per cardmember): Has anyone heard of this before? Why are they giving this service to cardmembers for free? Are they (can they?) using the photos for dubious purposes? What would these be? I guess the whole thing just strikes me as a bit odd, and I am not sure if, overall, this is a good thing or just another way to get yet more information about me disguised as a service. The data collected (photographs) could be used for many things, including future verification of identity or even discrimination. (FWIW, the subject in the sample photo is a white male in his 30's.) I can envision a system wherein a potential creditor would dial up a database server and pull up the borrowers credit history and photograph, and use these as a basis for making a credit decision. As I receive more information, I will try to post it to this list. -- Rob Schultz At Home: At work: +1 219 262 7206 rms@andria.miles.com rms@miles.com {uunet|iuvax}!nstar!miles!andria!rms {uunet|iuvax}!nstar!miles!rms ------------------------------ From: Paul Wallich Subject: Re: is personal privacy overrated ? Date: Mon, 8 Jun 1992 21:37:27 GMT In article jartz@bassoon.mitre.org (John Artz) writes: >Of course all these things are true. But they have to be balanced against >the benefits of unrestricted information flows. As a society we place a >pretty high premium on freedom of information. We strongly support public >education and librarys. We refuse to allow the government to keep >secret information except in the most extream circumstances. People >are willing to go to jail to protect the freedom of the press, or to >prevent censorship. However, when it comes to personal privacy >all this high minded social responsibility comes to a screetching halt. Just what _are_ the benefits to individuals of the unrestricted flow of information about them? I can see the benefits of forbidding the government, which is the servant of the people (in theory at least) to withhold information from its collective employers. I can see the benefit of allowing publishers to disseminate information that they have (generally lawfully) gathered. But I don't immediately see the benefit of allowing a widespread trade in information about me by organizations with whom I stand in a sadly asymmetrical relationship. (You'll notice, by the way, that very few gatherers of personal information assert that that information should be freely available; instead they claim to _own_ information about other people and make it available for a price.) paul ------------------------------ Date: Tue, 9 Jun 92 03:20:42 -0700 From: "Robert L. McMillin" Subject: Re: Privacy and blood Khan writes: > >In California, there is a statewide database of people who should be > >excluded from donating blood for any reason. It is of course useful these > >days for donors with AIDS, but the database predates the AIDS epidemic. > > Seems pretty silly to me. Not only is it a misuse of the SSN, but suppose > AIDS Mary, who got infected and is now bitter and wants revenge on the > world, decides to give blood in the hope of infecting others. She > gives blood once, they test it, find out it has AIDS. Her SSN is added > to the list. She gives blood again, only this time they refuse since her > SSN is on the list. She catches on quickly, and gives a fake SSN the > next time. They accept her blood. I sure hope they test each and every > donation, since she has easily circumvented the system. And since they have > to test each and every donated pint *anyway*, what's the point in keeping > the stupid database? Irony of ironies: William Dannemeyer, (R-Anaheim, CA), arch- conservative and nationally famous homophobe had the temerity to suggest in 1985 that a database of all HIV-positive people should be kept in order to prevent these same from donating blood. At the time, this caused quite a stir among homosexuals (or at least, the more vocal ones). Now that many AIDS-tainted blood has infected many people (I've got one friend who has AIDS from a transfusion he received while in an Army hospital circa 1983), I wonder if any of them have changed their positions on this. Normally I don't agree with much Dannemeyer has to say, but I frequently find that the propaganda put out by some of the more obnoxious elements of the homosexual community to be downright dangerous for themselves, if to no one else. Just last year, I read a so-called 'saf-er sex guide' published via sci.med.aids that suggested that sex with multiple partners, fistf-cking, and prostitution, were all acceptable practices that "can be done with minimal risk of AIDS," and that warnings against these practices "are based on moralism not medicine." Oh really? --- Robert L. McMillin | Voice: (310) 568-3555 Hughes Aircraft/Hughes Training, Inc. | Fax: (310) 568-3574 Los Angeles, CA | Internet: rlm@ms_aspen.hac.com ------------------------------ End of Computer Privacy Digest V1 #045 ******************************