Date: Mon, 03 Jun 96 18:19:52 EST
Errors-To: Comp-privacy Error Handler
From: Computer Privacy Digest Moderator
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V8#045

Computer Privacy Digest     Mon, 03 Jun 96     Volume 8 : Issue: 045

Today's Topics:                         Moderator: Leonard P. Levine

         Re: How Secure are 900 MHz Digital Cordless Phones?
         Re: How Secure are 900 MHz Digital Cordless Phones?
         Re: How Secure are 900 MHz Digital Cordless Phones?
         Re: unsolicited email?
         Infosec Update '96 -- Ottawa/Hull, Canada
         Class III InfoWar
         Re: Credit Cards with Internet Fraud Insurance
         Re: Credit Cards with Internet Fraud Insurance
         Private-Eye Mailing list
         Electronic Privacy, Security Journal to Premier June 1
         Growing the new Technology Concern
         Info on CPD [unchanged since 11/22/95]

----------------------------------------------------------------------

From: julier@clipper.ens.fr (Michel Julier)
Date: 31 May 1996 17:48:29 GMT
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?
Organization: Ecole Normale Superieure, Paris
References:

Mark Pfeifer wrote:

    I recently purchased a Toshiba 900MHz digital cordless phone. It
    does claim to encrypt calls. According to the documentation, each
    time the handset is placed in the base unit, a new 16-bit key is
    picked and used until the phone is placed in the base again (they
    quote 65536 unique codes).

Most cordless phones "encrypt" calls, that is, they emit a 16-bit code when you take the line. Your particular phone is specific only because this code is picked up every time you put the handset on the base: most phones keep the same code for all their life-time.

However, don't confuse two things: your phone is protected against people calling on your line, from another handset, as they pass in your street. You are protected, of course, except if they have a device to try all 65536 codes. This is to protect your MONEY.
This doesn't mean your PRIVACY is protected: most cordless phones aren't protected against people listening to them on the FM, at a specific frequency. I mean, what you say on the phone IS NOT encrypted.

I could tell you about my sister, who was using a fine-quality cordless phone (Siemens or Philips, I forgot). One day, her neighbor knocked at her door, and told her that he could listen to her calls on the radio. This isn't common; I suppose his radio must use some intermediate frequency that, unfortunately, could match my sister's frequency.

To my view, if you want to say something you consider "secret", you just shouldn't use a cordless phone. With a standard phone, your calls can be monitored only by your country's intelligence services, and by people who really came to put a derivation on your phone line.

----------------------------------------------------------------
Michel JULIER
Paris, France
soon moving to Montpellier, France

------------------------------

From: paul@fatmans.demon.co.uk
Date: 01 Jun 1996 11:58:00 +0000
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?

As I understand it these cordless phones (called DECT in the UK) use the same encryption as GSM (Global System for Mobile Communications) mobile phones do in Europe. The algorithm is called A5 and is implemented with a 64-bit key (correct me if I'm wrong, but when the standard was agreed the French (all encryption has to be government approved in France) made it illegal to use a greater key, so 64 was agreed). Anyway, the cipher is something like this:

x = 64-bit session key (changes every time, generated using a hash or PRNG, not sure which, at both base and phone).
a = 114-bit a-to-b key stream
b = 114-bit b-to-a key stream

The output stream used to encrypt the data is just an XOR of three LFSRs (varying lengths, can't remember them off hand but I think they are about 30 bits each).

With very much longer registers the system would be strong, but with its registers at 30 bits or so an exhaustive search is possible, and indeed is meant to be. If you are into electronics it wouldn't be that hard to rewrite the code and make one of these phones secure, because the system is secure, just the key length is at fault... As it is the whole thing is pretty trivial to break, but you needn't worry about your next door neighbour listening in; for someone with about 15-20 thousand dollars to spend it is quite possible...

------------------------------

From: "George Stripling Jr."
Date: 01 Jun 1996 16:20:57 -0500
Subject: Re: How Secure are 900 MHz Digital Cordless Phones?
Organization: Salt Design & Consulting
References:

Ed Frankenberry wrote:

    from a privacy/security perspective, both forms of digital
    transmission represent an improvement over conventional
    unencrypted analog (AMPS) cellular telephones or analog cordless
    phones.

True, but realize that the U.S. feds get the decoding algorithms too.

--
George Stripling Jr.
PGP Key ID: F6A2CA2D

There is no expedient to which a man will not go to avoid the real labor of thinking.
    --- Thomas A. Edison, Placard, in all Edison works ---

------------------------------

From: eck@panix.com (Mark Eckenwiler)
Date: 31 May 1996 17:25:18 -0400
Subject: Re: unsolicited email?
Organization: A person on business from Porlock
References:

prvtctzn@aol.com writes:

    The Telephone Consumer Protection Act of 1991 (47 USC 227)
    prohibits unsolicited advertisements to fax machines.
    A fax machine is defined (by this law) to be equipment with the
    capacity to:

      - receive signals over a regular telephone line
      - convert that data into text or graphics, and
      - print that data on to paper

    Therefore, your computer - email - printer system is (by
    definition) a fax machine. You can sue the sender for $500 for
    each such transmission so long as you have no existing or prior
    business relationship with the sender.

For the contrary view (that the TCPA does not apply to e-mail), see my article (acknowledging Bob Bulmash's position and referring to him) at

    http://techweb.cmp.com/net/issues/036issue/036law.htm

The issue has also been beaten to death multiple times this year in misc.legal.computing and other Usenet groups. A suitable set of AltaVista and DejaNews searches should turn up much archived discussion on the subject.

--
Sold by weight, not by volume. Some settling of contents may have occurred during shipment and handling.
Mark Eckenwiler   eck@panix.com

------------------------------

From: Mich Kabay <75300.3232@CompuServe.COM>
Date: 31 May 96 14:02:44 EDT
Subject: Infosec Update '96 -- Ottawa/Hull, Canada

InfoSec Update '96 -- 12-13 July 96 -- Ottawa/Hull, Canada.
National Computer Security Association & Institute for Government Informatics Professionals.

Info: or M. E. Kabay, Ph.D. (Kirkland, QC)
Director of Education / Natl Computer Security Assn (Carlisle, PA)

------------------------------

From: winn@Infowar.Com
Date: 01 Jun 1996 21:33:01 -0400
Subject: Class III InfoWar

Class III Information Warfare: Has It Begun?

The June 2, 1996 Sunday Times from London front page headline reads:

    "City Surrenders to L400 million Gangs"

And HERF Guns, Electromagnetic Pulses and sophisticated logic bombs may be responsible.

At InfoWarCon II, Montreal, Canada, I made reference to investigations I was conducting regarding concerted and organized attacks on up to 43 financial institutions in Europe and the US; an example of Class III Information Warfare.
This issue of the London Sunday Times brings a glimpse of the story that will eventually be told.

The first attack in my files dates to January 6, 1993. A trading house in London was blackmailed into paying L10 million to unknown extortionists who demonstrated they could crash the company's computers at will. The next incident in the Times article is also in my files: January 14, 1993, where similar demonstrations and demands were made, this time for L12.5 million. And so is the next, January 29, 1993, and another L10 million siphoned off by the bad guys.

According to my figures and those in the Times article, hundreds of millions of pounds have been paid in ransom in what is clearly an example of Class III Information Warfare.

According to officials in Washington, Whitehall, London, City of London Police, the National Security Agency, Kroll Associates, Bank of England and others (in the article) the threats are credible. The attackers have the clear ability to bring trading and financial operations to a halt - exactly when they say they will.

"Banks, brokerage firms and investment houses in America have also secretly paid ransom to prevent costly computer meltdowns and a collapse in the confidence among their customers," sources said in the article.

The article discussed the advanced information warfare techniques used by the perpetrators. "According to the American National Security Agency (NSA), they have penetrated computer systems using 'logic bombs' (coded devices that can be remotely detonated), electromagnetic pulses and 'high emission radio frequency guns' which blow a devastating electronic 'wind' through the computer systems."
[For a complete description of HERF Guns (coined by Schwartau in 1990), see "Information Warfare: Chaos on the Electronic Superhighway," Thunder's Mouth Press, 1994]

The perpetrators have also left encrypted messages, apparently bypassing the highest security levels of the systems, leaving messages such as "Now do you believe we can destroy your computers?"

The NSA and other officials believe that four gangs are involved; probably one from the US and probably one from Russia. But, because the crimes are international, national borders still prevail, making investigation more difficult. Investigations and official inquiries have been in progress for some time according to the article.

Now, for a few things you will not see in the article, but will hopefully [if I am lucky] come out in the near future.

The number of attacks is way above 40. They have been known about for almost three years, but only recently have people been willing to come out of the closet and discuss this highly sensitive issue with the media. Long briefs and analyses of these events have been submitted to high level officials and select business persons for at least a year, but to no avail. [Security by obscurity reigns all too often.] Banking is not the only industry that has been attacked, and the attacks have been spread around Europe as well as Australia.

As an industry many of us have said that the only way something will really be done is if we experience a Computer Chernobyl [Peter Neumann phrase as I recall] or, as I first said in Congressional Testimony, An Electronic Pearl Harbor. Are these events the harbinger of strong reaction by the community at large? As events unfold and more information is permitted to be disseminated over the next few days and weeks, we will see.

We have essentially solved the issues of confidentiality and integrity. But, I have maintained that the real problem is going to be Denial of Service. These events are unfortunate, but clear examples of that reality.
A Bank of England official also said of the incidents, "it is not the biggest issue in the banking market." Hmmm. I have to think about that.

--
Winn Schwartau - Interpact, Inc.
Information Warfare and InfoSec
V: 813.393.6600 / F: 813.393.6361
Winn@InfoWar.Com

------------------------------

From: mds@access.digex.net
Date: 01 Jun 1996 07:29:03 GMT
Subject: Re: Credit Cards with Internet Fraud Insurance
Organization: Wilkinson, Barker, Knauer & Quinn
References:

wbe@psr.com (Winston Edmond) writes:

    A few weeks ago, I got a piece of junk mail asking me to apply for
    a VISA card. What made the offer unique was that it had the word
    WEB in big letters on the outside envelope... (Sorry, no, I don't
    have the name of the bank any more. It was a U.S. bank and looked
    like a nationwide mailing to me, so maybe others will get a
    solicitation, too.)

I got the same mailing. It was a bank subsidiary of Block Financial Co., which is presumably related to H&R Block, owner of Compuserve.

===========================================================================
Michael D. Sullivan, Bethesda, MD (USA)
email: mds@access.digex.net
Also online as avogadro@well.com and 71460.1134@compuserve.com
===========================================================================

------------------------------

From: arlenelea@aol.com (Arlene Lea)
Date: 02 Jun 1996 15:49:34 -0400
Subject: Re: Credit Cards with Internet Fraud Insurance
Organization: America Online, Inc. (1-800-827-6364)
References:

Got a call from Discover asking if we had been charging (almost to the max) in San Diego that day. Since I was in LA and my hubby was in Sacramento, you know what had happened. Interestingly, we both had our cards and had not used Discover over the net. It seems some sales person either gave the number out or threw away a receipt of some kind, letting someone else get our number, print it on a blank card and then use the new card.
When we got the new ones, there was a sticker saying to call in to activate the cards. Called the number, was told by a computer voice to punch in the card number and that's it. No questions of social security number, date of birth, mother's maiden name, *nothing* - just a computer voice saying punch in the numbers. You can be sure we called and complained the next working day to a human - we got NO satisfaction, but at least we complained. So much for safety in having to activate the cards; any idiot could read the number off the card.

Arlene Lea @aol.com
All I know is, the choices we make dictate the life we lead. To thine own self be true.

[moderator: I just got a card from the Web Conductor (Block Financial). They asked me to key in the card number and then a part of my socsocno. They said this was needed to "activate" the card.]

------------------------------

From: Joseph Seanor
Date: 31 May 1996 15:22:31 -0700 (PDT)
Subject: Private-Eye Mailing list

If you are a Private Investigator, Detective, or Security person, or just interested in Private Investigations, join the Private-Eye mailing list. The cost is FREE and to join send email to:

    Private-Eye-Request@netcom.com

in the body:

    subscribe private-eye your name

Joseph Seanor
CIBIR Corporation
cibir@netcom.com

------------------------------

From: benson@sorted.com (E. Benson)
Date: 02 Jun 1996 20:26:01 GMT
Subject: Electronic Privacy, Security Journal to Premier June 1
Organization: sorted - electronic issues on an insecure planet

Electronic privacy, security journal to premier June 1

"sorted," a journal of electronic issues on an insecure planet, will debut on the World Wide Web June 1, 1996. Located at "http://www.sorted.com", the journal will address issues related to electronic privacy, wiretapping, surveillance, encryption, the V-Chip and Clipper Chip, and related issues. Issue No. 1 contains feature articles by internationally known author and NPR commentator Andrei Codrescu and computer privacy consultant and Private Idaho author Joel McNamara.

The journal also features an FTP site which includes a full mirror of the Cypherpunks PGP archive and related files. The address is "ftp.sorted.com/pub/encryption".

------------------------------

From: Larry Richard
Date: 03 Jun 1996 14:39:01 -0700
Subject: Growing the new Technology Concern
Organization: OnLine Expo 96

It's no secret that Wall Street has a keen eye squarely focused on the new and emerging technology sector. Correspondingly, there's no shortage of creative and dynamic talent with business applications, products and services seeking appropriate funding to take their business operations to the next level.

ONLINE EXPO '96 brings together respected members of the investment banking, venture capital, and financial services firms to host a series of panel presentations, as well as a "meet and greet" session so that entrepreneurs and investors can exchange ideas, business plans, and advice, and to share ways to use the

ONLINE EXPO '96 AT SAN FRANCISCO EXPOSITION CENTER JULY 11-13
(http://www.onlineexpo.com) --email: olexpo96@aol.com

------------------------------

From: "Prof. L. P. Levine"
Date: 31 May 1996 09:14:50 -0600 (CST)
Subject: Info on CPD [unchanged since 11/22/95]
Organization: University of Wisconsin-Milwaukee

The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu.

This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium.
Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply.

If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing.

Contributions to CPD should be submitted, with appropriate, substantive SUBJECT: line, otherwise they may be ignored. They must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. Do not include entire previous messages in responses to them. Include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. All contributions considered as personal comments; usual disclaimers apply. All reuses of CPD material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using CPD material should obtain permission from the contributors.

Contributions generally are acknowledged within 24 hours of submission. If selected, they are printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the Subject: line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit the text except for purely technical reasons.

A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Web browsers will find it at gopher://gopher.cs.uwm.edu.

---------------------------------+-----------------------------------------
Leonard P. Levine                | Moderator of:     Computer Privacy Digest
Professor of Computer Science    |                  and comp.society.privacy
University of Wisconsin-Milwaukee| Post:            comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201      | Information:  comp-privacy-request@uwm.edu
                                 | Gopher:                 gopher.cs.uwm.edu
levine@cs.uwm.edu                | Web:           gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------

------------------------------

End of Computer Privacy Digest V8 #045
******************************
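The second reply in the cordless-phone thread of this issue describes a keystream formed by XORing the outputs of three short LFSRs and argues that the registers' length alone is what makes exhaustive search feasible. The Python below is an added illustration of that shape; it is not code from the digest or from any contributor, and it is not A5, the DECT cipher or any real phone cipher. The register lengths (4, 5 and 6 bits), the tap positions, the packing of the three register states into one "key", and the sample call are all invented for the example. It builds the toy cipher, encrypts a constructed message, and then recovers the combined register state from six bytes of known plaintext by trying every candidate state, so the work is bounded by two to the power of the total register length.

```python
"""Toy model of the cipher shape described in the cordless-phone thread:
the keystream is the XOR of three short LFSRs, and a known-plaintext
exhaustive search over the combined register state breaks it.

Added illustration only: not A5, DECT or any real phone cipher.  Register
lengths, tap positions and the sample call are invented (assumptions)."""

from typing import Iterator, List, Optional, Sequence, Tuple

# Hypothetical (length, taps) per register; taps are the bit positions XORed
# together to form the feedback bit.  Combined state is 4 + 5 + 6 = 15 bits,
# so an attacker has fewer than 2**15 states to try.  Real designs use far
# longer registers; the total length, not the XOR structure, bounds the work.
REGISTERS: Tuple[Tuple[int, Tuple[int, ...]], ...] = (
    (4, (3, 0)),
    (5, (2, 0)),
    (6, (5, 0)),
)
STATE_BITS = sum(length for length, _ in REGISTERS)


def lfsr_step(state: int, length: int, taps: Sequence[int]) -> Tuple[int, int]:
    """Clock one Fibonacci LFSR: output bit 0, shift right, and feed the XOR
    of the tap bits in at the top.  Returns (output_bit, new_state)."""
    out = state & 1
    fb = 0
    for t in taps:
        fb ^= (state >> t) & 1
    return out, (state >> 1) | (fb << (length - 1))


def split_key(key: int) -> List[int]:
    """Unpack the combined state into one value per register
    (register 0 occupies the low bits)."""
    states, offset = [], 0
    for length, _ in REGISTERS:
        states.append((key >> offset) & ((1 << length) - 1))
        offset += length
    return states


def keystream(key: int, nbits: int) -> Iterator[int]:
    """Yield keystream bits; each bit is the XOR of the three register outputs."""
    states = split_key(key)
    for _ in range(nbits):
        bit = 0
        for i, (length, taps) in enumerate(REGISTERS):
            out, states[i] = lfsr_step(states[i], length, taps)
            bit ^= out
        yield bit


def crypt(key: int, data: bytes) -> bytes:
    """XOR data with the keystream, LSB of each byte first.  Encryption and
    decryption are the same operation."""
    ks = keystream(key, 8 * len(data))
    out = bytearray()
    for byte in data:
        mask = 0
        for i in range(8):
            mask |= next(ks) << i
        out.append(byte ^ mask)
    return bytes(out)


def recover_key(known_plain: bytes, cipher: bytes) -> Optional[int]:
    """Known-plaintext exhaustive search: try every non-zero combined state
    and return the first whose keystream equals plain XOR cipher.  Most
    candidates are rejected after a bit or two, so the cost is dominated by
    the number of trials, i.e. 2**STATE_BITS."""
    target = [((p ^ c) >> i) & 1
              for p, c in zip(known_plain, cipher) for i in range(8)]
    for cand in range(1, 1 << STATE_BITS):
        for want, got in zip(target, keystream(cand, len(target))):
            if want != got:
                break
        else:
            return cand
    return None


def demo() -> Tuple[bytes, bytes, Optional[int], Optional[bytes]]:
    """Run the attack on a constructed sample call: the attacker knows the
    first six plaintext bytes (a fixed header, say) and the whole ciphertext.
    Returns (plaintext, ciphertext, recovered_state, decrypted_text)."""
    key = 0x5A3C & ((1 << STATE_BITS) - 1)   # constructed session state
    plain = b"HELLO, this call is private"     # constructed sample call
    cipher = crypt(key, plain)
    found = recover_key(plain[:6], cipher[:6])
    decrypted = None if found is None else crypt(found, cipher)
    return plain, cipher, found, decrypted


if __name__ == "__main__":
    plain, cipher, found, decrypted = demo()
    print(f"tried up to {1 << STATE_BITS} states, recovered 0x{found:04x}")
    print(decrypted)
```

Run as a script it prints the recovered state and the decrypted call; `demo()` returns the same values for checking. Six known bytes are enough here because the combined keystream has linear complexity at most 15, so any candidate that matches 48 bits reproduces the whole sequence. Adding one bit to any register doubles the search, which is the post's point, but a plain XOR of LFSR outputs is itself linear: with about twice as many known keystream bits as the combined register length, the Berlekamp-Massey algorithm recovers the generator with no search at all, which is why real designs clock the registers irregularly or combine them non-linearly.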