Date: Wed, 21 Feb 96 09:22:56 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V8#016 Computer Privacy Digest Wed, 21 Feb 96 Volume 8 : Issue: 016 Today's Topics: Moderator: Leonard P. Levine Re: Anonymous Remailers are a Virus Spreading Online Re: Anonymous Remailers are a Virus Spreading Online Re: Anonymous Remailers are a Virus Spreading Online Re: Anonymous remailers are a virus spreading online! (Replies) Re: Anonymous remailers are a virus spreading online! Re: Anonymous Remailers are a Virus Spreading Online Freedom of Speech and Expression Re: Web Surfers: Your Computer Is Watching You Tracking Sales Leads on the Internet Re: GM unlocks your car with a phone call Re: SSN Driver's license question Re: Access to DMV Records by Rental Car Companies Info on CPD [unchanged since 11/22/95] ---------------------------------------------------------------------- From: peter@nmti.com (Peter da Silva) Date: 17 Feb 1996 00:30:22 GMT Subject: Re: Anonymous Remailers are a Virus Spreading Online Organization: Network/development platform support, NMTI References: The introduction of Anonymous Re-mailers into the Internet has altered the capacity to balance attack and counter-attack, or crime and punishment. Nonsense. Sheer and utter nonsense. Anonymous attacks in the real world are not only possible, they're *commonplace*. Extreme examples like the Unabomber are simply the far edge of a continuum of anonymous physical mail attacks that start with chain letters and work up. If you want to do something, make the post office require a driver's license before accepting any package. That'd make a difference. The fact that it'd also have a devastating effect on the economy by radically increasing the cost of mail shouldn't bother you... should it? -- Peter da Silva (NIC: PJD2) `-_-' 1601 Industrial Boulevard Bailey Network Management 'U` Sugar Land, TX 77487-5013 +1 713 274 5180 "Har du kramat din varg idag?" USA Bailey pays for my technical expertise. My opinions probably scare them ------------------------------ From: roy@sendai.cybrspc.mn.org (Roy M. Silvernail) Date: 18 Feb 1996 10:05:32 CST Subject: Re: Anonymous Remailers are a Virus Spreading Online Organization: Not that I've noticed levine@blatz.cs.uwm.edu writes: My most serious question about anonymous remailers is this: How can we be sure that the operator of such a remailer is not a federal or other governmental agent? That person is trusted with our privacy and has all the data needed to identify a user. If I were the Feds I would already have set up such a "sting" operation, the temptation is just too great. That's the reason behind chaining your message through several remailers. The first remailer in the chain knows your address, but not the ultimate destination of the traffic. A single uncompromised remailer in the chain will break the traceability of your message. -- Roy M. Silvernail [ ] roy@cybrspc.mn.org PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6 Key available from pubkey@cybrspc.mn.org ------------------------------ From: fyoung@oxford.net (F Young) Date: 19 Feb 96 01:05:15 EST Subject: Re: Anonymous Remailers are a Virus Spreading Online My most serious question about anonymous remailers is this: How can we be sure that the operator of such a remailer is not a federal or other governmental agent? That person is trusted with our privacy and has all the data needed to identify a user. If I were the Feds I would already have set up such a "sting" operation, the temptation is just too great. I remember reading this on an anonymous remailer FAQ. Chaining at least three remailers and using PGP to encrypt the message would greatly reduced the chance of being "exposed." If one of the three remailers was a government sting, then the worse it could get is big brother would discover the orign of a message (going to another remailer) or the destination of a message (from another remailer). In all seriousness, most of the messages, letters, or phone conversations that we write or carry on do not have to be absolutely positively private. However, in principle, citizens should be allowed the privacy. Also, the fact that some bureaucrat has the power, using our tax money, to snoop into our private lives is in itself an angering thought. ------------------------------ From: lmccarth@cs.umass.edu Date: 19 Feb 1996 03:42:46 -0500 (EST) Subject: Re: Anonymous remailers are a virus spreading online! (Replies) My most serious question about anonymous remailers is this: How can we be sure that the operator of such a remailer is not a federal or other governmental agent? That person is trusted with our privacy and has all the data needed to identify a user. If I were the Feds I would already have set up such a "sting" operation, the temptation is just too great. You will be pleased to hear that this problem was anticipated at least 15 years ago (in David Chaum's paper on "digital mixes"). Briefly, the solution is to use multiple layers of encryption to distribute trust among several remailer operators. Before it is remailed, a message is encrypted with public keys belonging to each of a sequence of remailers. As each remailer receives a message, it removes the outer layer of encryption using its private key, revealing another encrypted message and the next address to which it should be sent. Cooperation of all the remailers in the chain is needed to link the originating address to the message that is eventually delivered to a recipient. For a longer exposition on the current state of the art in deployed mail anonymizers, see http://www.obscura.com/~loki/remailer/remailer-essay.html Note that the availability of strong anonymity critically depends upon the availability of strong cryptography. If the Department of the Treasury Automated Systems Division holds all the remailers' private keys, then it can easily determine the originators of all anonymously remailed messages. -Lewis "You're always disappointed, nothing seems to keep you high -- drive your bargains, push your papers, win your medals, fuck your strangers; don't it leave you on the empty side ?" (Joni Mitchell, 1972) ------------------------------ From: Stanton McCandlish Date: 19 Feb 1996 18:05:42 -0800 (PST) Subject: Re: Anonymous remailers are a virus spreading online! My most serious question about anonymous remailers is this: How can we be sure that the operator of such a remailer is not a federal or other governmental agent? That person is trusted with our privacy and has all the data needed to identify a user. Declan B. McCullagh typed: A remailer chain will make such a "sting" operation fail miserably. Only if the message is encrypted - if not, any users who use a sting remailer as the first one in the chain are busted. This could hobble the use of remailers for any public postings in which anonymity is essential. -- Stanton McCandlish
mech@eff.org

Electronic Frontier Foundation

Online Activist ------------------------------ From: daveb@iinet.net.au (Dave) Date: 20 Feb 1996 23:48:06 GMT Subject: Re: Anonymous Remailers are a Virus Spreading Online Organization: iiNet Technologies References: "Prof. L. P. Levine" wrote: My most serious question about anonymous remailers is this: How can we be sure that the operator of such a remailer is not a federal or other governmental agent? That person is trusted with our privacy and has all the data needed to identify a user. One (too?) obvoius defence is to use a remailer in another country. I greatly doubt if the US Govt. has subverted a remailer in, say, Finland. The Finnish Govt. might have something to say about that. -- Dave Brooks PGP public key: finger daveb@opera.iinet.net.au servers daveb@iinet.net.au fingerprint 20 8F 95 22 96 D6 1C 0B 3D 4D C3 D4 50 A1 C4 34 ------------------------------ From: rikdavid@freenet.hamilton.on.ca (Rick Davidson) Date: 19 Feb 1996 12:39:37 GMT Subject: Freedom of Speech and Expression Organization: Hamilton-Wentworth FreeNet, Ontario, Canada. A couple of years ago I spoke to news paper reporter RE: a base ball game that I officiated and the end result was a Registered letter that I was Suspended. There was a written complaint sent to my organization and that group has yet to submitt to me such piculars. My writes have been violated and thus slandered im my opinion. If you send to me snail mail address I shall send my story and you may make your own assumptions and opinions. Only in Ameriaca -- Great White North ------------------------------ From: fyoung@oxford.net (F Young) Date: 19 Feb 96 00:54:43 EST Subject: Re: Web Surfers: Your Computer Is Watching You But many PC users may take a dim view of Netscape's failure to draw their attention to the fact that their behaviour may be tracked i this way. Moreover, there appears to be only one way to disable the facility: by manually amending or deleting the COOKIE.TXT file containing all the cookies. Is that all? I'm not overlooking the potential privacy problem with this Netscape implementation, but someone can write a very simple script to do a DEL COOKIE.TXT say everytime Netscape is loaded or unloaded. Would that solve the problem? ------------------------------ From: "Prof. L. P. Levine" Date: 20 Feb 1996 13:54:43 -0600 (CST) Subject: Tracking Sales Leads on the Internet Organization: University of Wisconsin-Milwaukee Netscape, Aurem Announce Agreement to Track Sales Leads According to a source in the news industry, Netscape Communications Corp. and Aurum Software Inc. recently (2/20/96) disclosed a strategy to develop software to track consumers' tastes and interests on the Internet. Aurum is a closely held company based in Santa Clara, California. Aurum's software (SalesTrak and WebTrak) will be added to Netscape's browser according to this source. The software will provide registration information to companies about individual computer users after the users visit certain Web pages. The information is automatically put into the company's database. For example, a shoe company could use the software to send specific information to customers about markdowns. Last week, Netscape said it abandoned a similar technology, called cookies, a file that tracks consumers' so-called clickstream, or series of mouseclicks as they move around the Web. ------------------------------ From: vinod@watson.ibm.com (Vinod Narayanan) Date: 20 Feb 1996 09:08:52 -0500 Subject: Re: GM unlocks your car with a phone call Organization: IBM T.J. Watson Research Center References: (Howard G. Page) writes: I wonder whether there is a feature providing the ability of the "Customer Assistance Center" to disable your auto if you fall a little behind in your payments. Or maybe they simply send it a command limiting it's maximum speed is, say, 30 mph! Eventhough this is technically feasible, I think that existing laws already forbid "bombs" of this kind. See the "Computer Law" column in the February 1996 issue of IEEE Computer magazine (page. 94). This article discusses software "bombs", but I think that the situation here is exactly the same. However, the risk that a government agency can get GM (or whoever the service provider is) to track your movements using the GPS system and receiver is very real. -- vinod@watson.ibm.com ------------------------------ From: macker@willowtree.com (Macker) Date: 20 Feb 1996 09:03:56 GMT Subject: Re: SSN Driver's license question Trip Martin (night@acm.rpi.edu) wrote: Does anyone know about trying to do the same in NYS? They require the SSN, but as far as I can tell, they haven't complied with the privacy act either. levine@blatz.cs.uwm.edu (Prof. L. P. Levine) wrote: In order to protect the children the federal government now requires SSN in order to get a driver licence. This is to trace down deadbeat dads. I don't know about the rest of the country, but here in Iowa if you want to get a CDL (Commercial Driver's License, required for driving a semi or bus) then your license # is your SSN. I know because my father has a CDL, and was, to say the least, quite unhappy to find this out. The most common reason for this that I heard (from truckers) was that it helps to crack down on truckers getting a CDL in another state to get around traffic violations and such... (CDL's have much more stringent rules). Anyone know if this is done in other states also? What is the legality/constituionality of this? Last time I knew, the SSN was "not to be used for identification purposes"... isn't this exactly that? -- Robert ------------------------------ From: bernie@fantasyfarm.com (Bernie Cosell) Date: 20 Feb 1996 02:00:28 GMT Subject: Re: Access to DMV Records by Rental Car Companies Organization: Fantasy Farm Fibers References: Paul Robinson wrote: According to a report over the radio, a little-noticed provision of one of the crime bills which have come out allows a rental car company to check your driving record. I'm not familiar with the general laws on this: I would have assumed that ones driving record would have been matters of public record [after all, motor vehicle infractions are *convictions*]. Is there basis on which you think that your driving record should be kept a secret? [and indeed, from someone who is about to rent you a $20,000+ vehicle?] According to the report, two or three incidents - an accident or certain types of tickets - is enough to cause you to be blacklisted. What does 'blacklisted' in this regard mean? Clearly rental agencies have to do *something* about folks with clearly-bad driving records. [and look at it from the other side, too: rental car companies don't print money. The money that goes to pay for their insurance and repairing their cars comes from [ta dah!] *us* --- the other folk who rent cars from them. So by allowing carst to be rented to lousy drivers will necessarily drive up the rental car rates for everyone --- the good drivers will be forced to subsidize the incompetence of the bad drivers. Does this sound fair or like good policy? On the other hand, if the argument were that such folk shouldn't be *denied* the option of renting a car, but merely should have to pay for their lack of skill, I'd say that's OK: argue that they should only levy a premium [perhaps a stiff one] on the drivers with bad records. [and on the other hand, considering the nature of rental cars and the competition therein, I can't imagine that some rental car agency won't offer a deal like that [or just not check driving records at all] --- you may not be able to rent from Hertz and friends, but I"d guess that you'll still be able to get something from one of the small fry outfits... Where are the problems in this? 1. There is no announcement of this practice; you're not likely to find out until you get to the counter and can't rent a car. I'm not sure what you'd want here. There's not much announcement of ANYTHIGN to do with rental cars [I was very surprised the first time I learned that I *couldn't* rent a car for cash]. In fact, there's little announcement of these sorts of things in any venue, is there? 2. There is no appeals process available. Other than taking your business elsewhere... 3. There is no means available to provide for corrections or to determine where or how the error occurred in the event you are caught short by this happening. I'm not sure what you mean here. If you're talking about what I think you are, then your "conviction record" is not something maintained by some invisible operator... you can just go down to the DMV and check it out yourself. As for corrections, I guess I don't know about that: I was under the impression that the state was pretty careful about such things. 4. No consideration is made as to the severity of the offenses or whether you were even at fault in the accident; if the information is there, you walk. I'm not sure what you're saying here. Why do you say "no consideration"? Since I haven't seen the article to which you're referring, it is a bit hard to guess --- is there some pact whereby all the car rental agencies in the universe have conspired to form some kind of consortium? I'd agree that probably Hertz, Avis, and maybe some of the big nationals will be nuisances (and may even have the same rules... but then again, maybe they won't). But it is hard to imagine that the rules will be that uniform across the zillions of small operators [as it largely is for credit card stuff... you might get turned down by Discover but have no trouble getting a department store card; we actually had a vice-versa situation: we have gold-mastercards and such, but got turned down for a Lowes [a hardware chain] card] 5. What proof do we have that those who are inquiring into the database are authorized to do so, that they are actually looking up the record for that customer, and what privacy protections do we have against unauthorized inquiries? Do we have the right to password-protect our own account? What is the nature of this "database". Ones driving record, as far as I know, has always been a matter of public record and a trip to the courthouse in the appropriate state will get a list of "convictions". It is one thing to complain about the "privacy" of your financial records, since your financial transactions are inherently private matters and the question arises as to how 'public' they should be. But ones driving on the public highway is *inherently*public* and so it is a bit harder (I'd think) to argue that there is some privacy issue involved here. 6. What protections do we have against the risk of erroneous data in a report? Take it to your state's AG [or secretary of state or the like?) 7. Is this the same data as is available at a DMV or DPS office, and if not, in what way is it different? This is certainly the key question, and as far as I can see the *only* question. If the answer is "the same" [which is what I've been assuming, since anything else would entail a new definition of "driving record" for the most part], then to my view virtually all of your concerns and questions are off the mark. If the answer is "different", then you have a legitimate question, but it is [again in my view] the *only* question. If you are going to rent a *car* from me, for crissake, how can you possibly argue that ones driving record should be kept a secret? -- Bernie Cosell Fantasy Farm Fibers bernie@fantasyfarm.com Pearisburg, VA --> Too many people, too few sheep <-- ------------------------------ From: "Prof. L. P. Levine" Date: 30 Jan 1996 18:45:30 -0600 (CST) Subject: Info on CPD [unchanged since 11/22/95] Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy; publications using CPD material should obtain permission from the contributors. Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V8 #016 ****************************** .