Date: Fri, 18 Dec 92 16:21:21 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@PICA.ARMY.MIL Subject: Computer Privacy Digest V1#115 Computer Privacy Digest Fri, 18 Dec 92 Volume 1 : Issue: 115 Today's Topics: Moderator: Dennis G. Rears alt.privacy Comm Week article omits PGP The UPS clipboard Re: Blockbuster Video Re: Blockbuster Video PA DMV Signatures Re: More on SSNs as used by VA DMV Re: Computer Privacy Digest V1 The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@pica.army.mil and administrative requests to comp-privacy-request@pica.army.mil. Back issues are available via anonymous ftp on ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: Carl Oppedahl Subject: alt.privacy Date: Wed, 16 Dec 1992 01:32:25 GMT Organization: PANIX Public Access Unix & Internet, NYC An article in a recent issue of the New York Times describes a lawsuit in which Mervyn's Department stores in California may be eligible for nearly $6 million worth of vouchers. The store had been requiring customers to reveal their telephone numbers when using charge cards, but state law says customers did not have to. Four customers sued, and now the store is settling. Keep up the good work, I say. Carl Oppedahl AA2KW (intellectual property lawyer) 30 Rockefeller Plaza New York, NY 10112-0228 voice 212-408-2578 fax 212-765-2519 ------------------------------ From: Carl Oppedahl Subject: Comm Week article omits PGP Date: Wed, 16 Dec 1992 01:38:14 GMT Organization: PANIX Public Access Unix & Internet, NYC An article in the December 14, 1992 Communications Week describes an encryption arrangement said to be used by "many users", namely using a public-key method to encrypt a DES key which is then used to encrypt the message. The article goes on at length but somehow manages to miss PGP, which I suspect is the most widely used software that does this. The article mentions RSA, of course, and quotes Prof. Hellman. The article then mentions that RSA's encryption is used in Novell Netware Release 4, in Lotus Notes, and in Microsoft Windows for Workgroups. Carl Oppedahl AA2KW (intellectual property lawyer) 30 Rockefeller Plaza New York, NY 10112-0228 voice 212-408-2578 fax 212-765-2519 ------------------------------ Subject: The UPS clipboard From: "Roy M. Silvernail" Date: Thu, 17 Dec 92 22:43:17 CST Organization: Villa CyberSpace, Minneapolis, MN I'm going to pull together several responses, in the interest of saving bandwidth... Brian Bousman writes: > It seems to me that if you are worried about your signature being >digitized and used for other purposes then you cannot sign *anything* >because all it takes is a scanner to get it from a paper version of >your signature. and volpe@bart.nosubdomain.nodomain (Christopher R Volpe) writes: >Why is this new gadget any more dangerous than the status quo? Anyone >can digitize a signature from paper using your average image scanner. That's a valid point. I have the feeling that UPS' old paper records were handled a bit more securely than the clipboards, by virtue of the physical paper itself. Everyone associated knew it was the only copy existing. But that's just a feeling, so I can't press it too far. The problem I saw was not so much the actual risk (which, since I've seen no abuses, is probably as small as everyone at UPS claimed), but with their attitude. Consider that instead of a physical paper trail, you have valuable data being stored electronically. No one at UPS could tell me if that data was stored in the clear. The most knowledgable person I spoke to did not know the term 'encryption'. Given that I'm familiar with the company building the clipboards, if this product follows their usual design practices, it's implemented around an 8051 derivative processor and static RAM. It may, in fact, store data in EEPROM to avoid inadvertant power loss. Both memories' contents can be recovered by a skilled tech, regardless of the wishes of the host processor. Even if they have gone to a more powerful processor, the memory must be held static for the duration of the shift. The stored data are therefore vulnerable. Consider, also, that the signature may actually be the least valuable piece of information in that record. How much could you tell about a competitor if you had access to their UPS shipping records? In many cases, even the insured value of packages is recorded. No one at UPS knew of any audit trail established for the clipboards. The one rep told me the boards were 'dumped and cleared' at the end of each shift, but could not confirm that residual data was actually overwritten. He also didn't know if a board could be dumped more than once. That brings up the next scenario, which made the UPS folks bristle the most. The most vulnerable point for stored data on these clipboards is when the board is in the posession of the driver. A reasonable man cannot arbitrarily discount the possibility of crooked employees. What's to stop a scrupulously challenged (tm) driver from stopping by a contact point and dumping his board in exchange for a not-so-small gratuity? The data is copied, but UPS still gets it as usual. They're none the wiser, the driver is some the richer, and my company's shipping habits are being studied by my competitor. I need a better answer than "That will never happen." But that's the only answer UPS had for my questions. Finally, Ed Ravin writes: >Do what many of us techno-troublemakers are already doing with junk mail >lists -- sign an extra middle initial or two, or otherwise alter your >moniker so that you can identify "the signature I use on UPS clipboards". I do this already. I don't actually sign my name at all, and there's no danger of what I do write being mistaken for my legal signature. >>But UPS hasn't started dumping the clipboards' contents by radio, yet. > >Don't worry, be happy, the Electronic Communications Privacy Act makes it >illegal for anyone to "listen" to the stuff :-) :-) Gosh, I feel so much more secure now! :-) I wouldn't have been so peeved, but the flat refusal of anyone to even grant the existance of a risk really got me. This really goes for the netters, as well as UPS. The risks may not be greater than those of the paper records, but they are _different_ risks and need to be specifically addressed. The fact that no abuses have come to light may mean the system really is secure. Or it might just mean the guys getting those extra dumps tip really well. -- Roy M. Silvernail | #include | "press to test" roy%cybrspc@cs.umn.edu | main(){ | cybrspc!roy@cs.umn.edu | float x=1; | "release | printf("Just my $%.2f.\n",x/50);} | to detonate" ------------------------------ Date: Fri, 18 Dec 92 10:07:46 -0500 From: Doctor Math Subject: Re: Blockbuster Video In Digest: Volume 1, Issue 113, Message 7 of 9, BRYAN@wvnvm.wvnet.edu (Jerry Bryan) writes: >I just had my first encounter with Blockbuster Video. They wanted >my driver's license number, my SSN, a credit card number, where >I worked, and my boss's name. I balked on the SSN, they would not >give in, and I walked out. A friend of mine had an experience with Blockbuster that went like this: Jealous ex goes to Blockbuster, convinces staff that he has permission to check out tapes using her account, never returns the tapes, she gets stuck with a large bill (it just appeared on the credit card statement). Complaints to Blockbuster management (both verbal and written), while not ignored, did no good whatsoever. Conclusion: Blockbuster's concept of 'security' is: "We have authorization to charge your credit card." It would seem to be all the security they need - this way, they're never out any money :) :( :( It could be argued that there are other video rental stores, but it can also be said that Blockbuster would rather this not be true, and is likely doing everything they can to eliminate the competition. As it happens, the University put a video rental place in the Student Center. You use your student or staff ID, which has your SSN embossed on it along with your name... Back to square one, almost; since the University already KNOWS your SSN, it's not like giving it out to a third party, which is at least a minor bonus. ------------------------------ From: "Glenn R. Stone" Subject: Re: Blockbuster Video Date: 18 Dec 92 18:28:52 GMT Reply-To: glenns@eas.gatech.edu Organization: The Group W Bench In BRYAN@wvnvm.wvnet.edu (Jerry Bryan) writes: >I just had my first encounter with Blockbuster Video. They wanted >my driver's license number, my SSN, a credit card number, where >I worked, and my boss's name. I balked on the SSN, they would not >give in, and I walked out. Gee. BB here in HotLanta only wanted a card number and place of employment; there was an explicit doodad that said you didn't have to give your ssn if you didn't want to; they generated an eleven-digit membership number.... I don't know if the ssn was included in the number if you gave it to them or not. I didn't get any static at all about not giving the SSN ('specially since I circled the section that said I didn't have to)..... Not that I go thru there anymore.... -- Glenn R. Stone (glenns@eas.gatech.edu) Don't throw matches in the urinals, for they are subtle and quick to anger. --wilson ------------------------------ Date: Fri, 18 Dec 1992 13:02:57 -0500 (EST) From: "L. Jean Camp" Subject: PA DMV The Pennsylvannia DMV requires that you ontain a SS# if you do not have one to get a license. Then your SS# is printed on your lincense, not as your license number, but in addition to. It is very common for people to ask for your DL and start to write down your SS#. I just pull it away from the clerk. At that point, the check is written, they have my license number. Noone has yet refused my check. If I lose my DL anyone who finds it could commit credit fraud with no difficulty. All it would take is a simple form. Why do they want my SSN? Because they can get it; and there are so many hurdles to jump through, people are exhausted when the license finally hits our hot little hands we will not fight it. I'm not paying a lawyer! Jean ------------------------------ Acknowledge-To: WHMurray@DOCKMASTER.NCSC.MIL Date: Fri, 18 Dec 92 08:22 EST From: WHMurray@dockmaster.ncsc.mil Subject: Signatures >Why is this new gadget any more dangerous than the status quo? Anyone >can digitize a signature from paper using your average image scanner. > >-Chris > >-- >================== >Chris Volpe Well, first, this is the status quo. Technology determines practice, not the other way around. Second, what one should learn from it is the limitations of signatures before it was easy to digitize them. From David Bowman: > It seems to me that if you are worried about your signature being >digitized and used for other purposes then you cannot sign *anything* >because all it takes is a scanner to get it from a paper version of >your signature. Signatures have served us very well, but only for a couple of hundred years. Three factors have contributed to this. First, for most of us, it is very difficult for us to disown our legitimate signature. It is so obvious to us that the signature is ours that we believe that it is equally obvious to others. However, if you think about it, while you are expert at your own signature, you, and almost everyone else, are lousy at anyone elses. Second, although few of us ever see one, we are equally expert at recognizing forgeries of our own signatures. The law provides us with an easy way to disown these. We simply assert that a particular instance of the signature is a forgery. For example, if someone were to forge your signature to a check, you could simply go to your bank, assert that the signature is not yours, sign an affidavit to that affect, and the bank will take the check back and credit your account. They will do this even if they really believe that the signature is valid, since all they are going to do is return the check, for credit, to the party from whom they got it. Of course, this only works for routine transactions. It will not work for real property transactions or for wills, affidavits, or testaments. For these, the signatures of multiple witnesses and a notary public are required. These parties attest that they watched you sign the document and this makes it more difficult to disown. Note that the notary public is commisioned by the state particularly for this purpose. Finally, while easy to forge in ideal circumstances, signatures are very difficult to forge in real time, under scrutiny. Thus, if I ask you to sign or endorse your check in front of me, and if it is not obviously different from the one on your driving license, and if you wrote normally and did not draw, then I can have a high degree of confidence in it. If I do not see you sign it, if I could not testify in court that I saw you sign it, then the signature has far less value. The UPS case demonstrates this. Note that UPS has no reference of your signature against which to compare the instance that you provide. It is good evidence only because the driver can testify that he saw you put it in. While it could be helpful, in the same manner as any other digital or analog record of your signature, in perpetrating a fraud, it is far from sufficient for doing so. Signatures are only evidence, they are not proof. They work because they are rarely disowned. While, the cases in which they are disowned make interesting reading, they are exceptions. In most litigation, the legitimacy of the documents is stipulated. It is their meaning that is in dispute. Rational discussion of signatures is difficult because in our culture they are emotionally associated with identity. For our purposes it is sufficient to understand their limits and to understand that in the presence of high quality recording and reproduction equipment, they are likely to be even more limited. William Hugh Murray, Executive Consultant, Information System Security 49 Locust Avenue, Suite 104; New Canaan, Connecticut 06840 1-0-ATT-0-700-WMURRAY; WHMurray at DOCKMASTER.NCSC.MIL ------------------------------ From: "Michael T. Palmer" Subject: Re: More on SSNs as used by VA DMV Date: 18 Dec 92 14:11:21 GMT Organization: NASA Langley Research Center, Hampton, VA USA In the Sunday, December 13 issue of the (Hampton, VA) Daily Press, the front page of the business section had a long article (complete with cute graphic showing a masked thief "entering" a computer) about how much easier it is to commit fraud when you know someone's SSN. A couple of case histories were provided, along with comments by legislators, the VA State Police, and business leaders that using the SSN as the driver's license number is both unnecessary and potentially harmful. If anyone is interested, I will type it in over the weekend and provide it in a posting. I plan to make photocopies of it to send to my state delegate and state senator, along with a (polite) letter explaining how I expect them to quickly pass legislation to protect their constituents. P.S. Yesterday I got my new VA license (renewal). Not only is it the worst picture EVER taken of me, but now the SSN is emblazoned in large red letters across the front, right next to my digitized picture and just above my digitized signature. YIKES!! And does anyone have a mag stripe reader so I can find out what's on that black area on the back? -- Michael T. Palmer, M/S 152, NASA Langley Research Center, Hampton, VA 23681 Voice: 804-864-2044, FAX: 804-864-7793, Email: m.t.palmer@larc.nasa.gov RIPEM Public Key available soon --- Consider it an envelope for your e-mail ------------------------------ From: Eric Hunt Subject: Re: Computer Privacy Digest V1 Date: 18 Dec 92 17:39:24 GMT Organization: Birmingham-Southern College In article , bjwhitlock@vnet.ibm.com (Brad Whitlock) writes: > And by the way, do you demand to see the original SSA-issue SSN card? Alabama recently (last 2 years) began requiring SSN's for all students entering school. No SSN, no school. What's even worse, is they simply REFUSE to accept the number by itself, they require the actual SSA-issued card. My sister was a week late starting school because they wouldn't let her in the doors without a SSA-issue card. It took a week to get a new one made, we had lost the original from when she was born. [Moderator's Note: Is this colleges, high schools, or primary schools? ._dennis ] ------------------------------ End of Computer Privacy Digest V1 #115 ******************************