Date: Mon, 24 Aug 92 17:08:30 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#073 Computer Privacy Digest Mon, 24 Aug 92 Volume 1 : Issue: 073 Today's Topics: Moderator: Dennis G. Rears Administrivia re: paranoia about encrypting personal communications re: Dope lights the media and the LAW & ORDER mentality Re: Auto Alarm vs Privacy Re: Court Ruling on SocSec# at Rutgers, info needed The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.200]. ---------------------------------------------------------------------- Date: Mon, 24 Aug 92 17:00:32 EDT From: Computer Privacy List Moderator Subject: Administrivia Good afternoon. I apologize to all the USENET readers who have not been getting any articles for about a month. There was a problem at out site that prevented any articles from leaving out site. I believe it has been corrected. I have resent all the articles that didn't go through. For those of you who interested it was a problem in my sys file. I had used the 'f' flag instead of the 'F' flag and nntpxmit choked on the difference in the outgoing control file. Dennis ------------------------------ From: Edward Bertsch Subject: re: paranoia about encrypting personal communications Date: Sat, 22 Aug 92 16:35:54 CDT ->From: uunet!Camex.COM!kent@uunet.uu.net ->Subject: Re: Computer Privacy Digest V1#071 -> ->In Volume 1 : Issue: 071 someone asked about a book. Here are the ->details: -> -> By Way of Deception: The Making and Unmaking of a Mossad Officer -> -> Victor Ostrovsky and Clair Hoy -> ISBN 0-312-92614-6 Published by St. Martins (at least in the US) -> ->I enjoyed it, but it made me more paranoid about encrypting personal ->communications. -> ->Kent Borg kent@camex.com or kentborg@aol.com I don't understand. It made you want to start encrypting your personal communications, or it made you worry what people would think if you were encrypting your personal communications ? (or did it make you worry if you were encrypting your personal communications with a strong enough algorithm on a secure machine with coresident software you could trust and a bios the feds hadn't gotten their fingers into?) et cetera. Ed -- Edward A. Bertsch (eab@msc.edu) Minnesota Supercomputer Center, Inc. Operations/User Services 1200 Washington Avenue South (612) 626-1888 work Minneapolis, Minnesota 55415 (612) 645-0168 voice mail ___________________________________________________ Dump the Republocrats: vote Libertarian in '92 --------------------------------------------------- ------------------------------ From: Edward Bertsch Subject: re: Dope lights Date: Sat, 22 Aug 92 16:39:33 CDT ->From: Dan Veditz ->Subject: Feds seek customer records on "Grow-lamps" ->Date: Fri, 21 Aug 92 11:56:00 PDT -> ->An AP story in today's paper (21 Aug 1992) date-lined ->San Francisco states that Federal prosecutors sought court ->orders yesterday to force three local businesses to turn over ->their customer lists, sales receipts and shipping records ->for indoor "Growing lights" since the start of 1990. They ->also want copies of any correspondence mentioning marijuana. -> Well, I guess the moral of the story is that, as usual, you should assume the worst and leave as little incriminating (or otherwise) evidence as possible. Buy your questionable products (lights, scales, whatever) with cash, or even have some non-user/whatever buy the stuff for you WITH CASH or even use several intermediaries if you really are doing something the feds wouldn't put you on a commercial as an example of how to be a responsible citizen for. :-) I can see the message on a future video game now... Only losers buy grow lights -- Edward A. Bertsch (eab@msc.edu) Minnesota Supercomputer Center, Inc. ------------------------------ From: Edward Bertsch Subject: the media and the LAW & ORDER mentality Date: Sat, 22 Aug 92 16:43:26 CDT I don't know how many other people have noticed this, but we seem to be really big on the whole law and order philosophy here in Amerika. We have these neat shows like COPS, TOP COPS, etc ... and now there is going to be a new program called Secret Service. Is anyone else concerned about the unspoken and spoken messages these people are giving about innocence before proof of guilt, rights to a fully informed jury (i.e. guiltiness of breaking a stupid law can legally be interpreted by a jury as not-guilty) and other issues that we liberty and individuality loving Americans seem to value? -- Edward A. Bertsch (eab@msc.edu) Minnesota Supercomputer Center, Inc. ------------------------------ Date: Mon, 24 Aug 92 11:49:03 EDT From: Robert S Parnass Subject: Re: Auto Alarm vs Privacy Organization: AT&T Bell Laboratories, Naperville, IL In article , 72307.1502@compuserve.com (Gordon Meyer) writes about the "Teletrac" car alarm: > In addition to the technical details of how this works, I'm interested in > how the alarm is triggered, and how mad the first person will be that gets > pulled over by police after a malfunction. Finally, can this thing be > activated remotely? How accurate is the tracking mechanism? FYI, I found these frequencies licensed to Teletrac in Illinois: international teletrac syste, 9800 la cienega blvd [location?]_________ 896.0000_____wnuy701 (govt rcds) north american teletrac and, 9800 la cienega blvd ste [east moline]_______ 908.0000_____wnrf401 (govt rcds) " " 925.0150_____wnrf401 (govt rcds) " [milan]_____________ 908.0000_____wnrf401 (govt rcds) " " 925.0150_____wnrf401 (govt rcds) " [moline]____________ 908.0000_____wnrf401 (govt rcds) " " 925.0150_____wnrf401 (govt rcds) " [peoria]____________ 908.0000_____wnrf419 (govt rcds) " " 925.0150_____wnrf419 (govt rcds) " [rock island]_______ 908.0000_____wnrf401 (govt rcds) " " 925.0150_____wnrf401 (govt rcds) north american teletrac:loca, 9800 la cienega blvd ste [chicago]___________ 925.0150_____wnrz297 (govt rcds) " [evanston]__________ 925.0150_____wnrz297 (govt rcds) " [highland park]_____ 925.0150_____wnrz297 (govt rcds) " [lockport]__________ 925.0150_____wnrz297 (govt rcds) " [rockford]__________ 908.0000_____wnri732 (govt rcds) " " 925.0150_____wnri732 (govt rcds) pac tel teletrac, 9920 la cienega blvd ste [location?]_________ 896.0000_____wnuy719 (govt rcds) -- ============================================================================== Bob Parnass, AJ9S - AT&T Bell Labs - parnass@ihlpm.att.com - (708)979-5414 ------------------------------ From: dcg5662@hertz.njit.edu (Dave Grabowski (KxiK)) Subject: Re: Court Ruling on SocSec# at Rutgers, info needed Organization: New Jersey Institute of Technology, Newark, N.J. Date: Mon, 24 Aug 1992 18:08:16 GMT In article peterson@CS.ColoState.EDU (james peterson) writes: >I just read a short article in the 5 August issue of the Chronicle >of Higher Education that a US District Judge (H. Lee Sarokin) had ruled >against Rutgers in a suit brought by present and former students, who >claimed that the institution had violated their privacy rights by >misusing their social security numbers. > >Evidently, the judge did not order Rutgers to stop using the numbers >for routine administrative use (that would be too much of a hardship, >I guess) but rather to stop allowing distribution of the numbers (as in >rosters, etc.) cited as a practice which "allows any student to decode >another student's grades, obtain credit report, etc." Having been involved in the acquisition of credit reports a few years ago (very illegally, ahem), I can say that although having someone's SSN would help in abtaining a credit report, so does a name and address. The HARD part about obtaining a credit report is gaining access to a credit agency. If someone is slick enough to do that, getting ANYONE'S report is a cinch. (Big Brother is watching you!) > >Does anyone know the details of this case, and exactly what is prohibited >by it? For example, does this ruling prohibit the the posting of grades >and social security numbers without names (a fairly wide-spread practice), >or merely the posting of rosters containing both names and SS#'s? > >james sends Here at NJIT (which is across the street from the Rutgers Newark campus), everything is tied to our SSN's. All mail I get has my SSN on it. If I want to access my grades, I need my SSN. My SSN is on my ID card. The last four digits of my SSN are my user ID on the campus UNIX (along with my initials). If grades were NOT posted cross-referenced to SSN, how would they be posted? One could say that the school could come up with some kind of new ID scheme, but wouldn't that basically come back to the same problem? All one would need to know is someone's ID#, and they'd be back at square one. -Dave [Moderator's Note: The problem with posting grades by SSN is that most SSN lists that the "school computer" puts out is alphabetized by last name. Even if the names are not there it is trivial in small and medium sized classes to construct the list of names. It a wonder that schools haven't thought about randomizing the lists. ._dennis ] -- ----------------------------------------------------------------------------- Kappa Xi Kappa - Over & Above! dcg5662@hertz.njit.edu 9 Sussex Ave., Newark, NJ (car theft capital USA) 70721.2222@compuserve.com ------------------------------ End of Computer Privacy Digest V1 #073 ******************************