|
PRIVACY Forum Archive Document
|
PRIVACY Forum Digest Saturday, 19 August 1995 Volume 04 : Issue 18
Moderated by Lauren Weinstein (lauren@vortex.com)
Vortex Technology, Woodland Hills, CA, U.S.A.
===== PRIVACY FORUM =====
The PRIVACY Forum digest is supported in part by the
ACM Committee on Computers and Public Policy,
and the Data Services Division
of MCI Communications Corporation.
CONTENTS
FBI Files on Clipper Release (Dave Banisar)
A question about membership lists on the WWW (George Musser)
Microsoft's Explanation of the Registration Wizard (Brant Freer)
The MSN is Hacker Heaven (Andy Chesterton)
The Info-Sec Super Journal (Dr. Frederick B. Cohen)
Final Program - AST 9/4/95 (Dave Banisar)
*** Please include a RELEVANT "Subject:" line on all submissions! ***
*** Submissions without them may be ignored! ***
-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond. The
moderator will choose submissions for inclusion based on their relevance and
content. Submissions will not be routinely acknowledged.
All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored. Excessive "signatures" on submissions are
subject to editing. Subscriptions are by an automatic "listserv" system; for
subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com". Mailing list problems should be reported to
"list-maint@vortex.com".
All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations.
The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp ftp.vortex.com",
in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password. The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access. PRIVACY Forum materials may also be obtained automatically via
e-mail through the listserv system. Please follow the instructions above
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used to access
the PRIVACY Forum archive. All PRIVACY Forum materials are available
through the Internet Gopher system via a gopher server on site
"gopher.vortex.com/". Access to PRIVACY Forum materials is also available
through the Internet World Wide Web (WWW) via the Vortex Technology WWW
server at the URL: "http://www.vortex.com".
-----------------------------------------------------------------------------
VOLUME 04, ISSUE 18
Quote for the day:
"Self-destruct... has been cancelled."
-- Main computer recorded announcement
"The Andromeda Strain" (1971)
----------------------------------------------------------------------
Date: 16 Aug 1995 15:57:13
From: "Dave Banisar" <banisar@epic.org>
Subject: FBI Files on Clipper Release
FOR RELEASE: August 16, 1995, 2:00 p.m. EST
CONTACT: David Sobel (202) 544-9240
FBI FILES: CLIPPER MUST BE MANDATORY
WASHINGTON, DC - Newly-released government documents show
that key federal agencies concluded more than two years ago that
the "Clipper Chip" encryption initiative will only succeed if
alternative security techniques are outlawed. The Electronic
Privacy Information Center (EPIC) obtained the documents from the
Federal Bureau of Investigation under the Freedom of Information
Act. EPIC, a non-profit research group, received hundreds of
pages of material from FBI files concerning Clipper and
cryptography.
The conclusions contained in the documents appear to conflict
with frequent Administration claims that use of Clipper technology
will remain "voluntary." Critics of the government's initiative,
including EPIC, have long maintained that the Clipper "key-escrow
encryption" technique would only serve its stated purpose if made
mandatory. According to the FBI documents, that view is shared by
the Bureau, the National Security Agency (NSA) and the Department
of Justice (DOJ).
In a "briefing document" titled "Encryption: The Threat,
Applications and Potential Solutions," and sent to the National
Security Council in February 1993, the FBI, NSA and DOJ concluded
that:
Technical solutions, such as they are, will only work if
they are incorporated into all encryption products.
To ensure that this occurs, legislation mandating the
use of Government-approved encryption products or
adherence to Government encryption criteria is required.
Likewise, an undated FBI report titled "Impact of Emerging
Telecommunications Technologies on Law Enforcement" observes that
"[a]lthough the export of encryption products by the United States
is controlled, domestic use is not regulated." The report
concludes that "a national policy embodied in legislation is
needed." Such a policy, according to the FBI, must ensure "real-
time decryption by law enforcement" and "prohibit[] cryptography
that cannot meet the Government standard."
The FBI conclusions stand in stark contrast to public
assurances that the government does not intend to prohibit the use
of non-escrowed encryption. Testifying before a Senate Judiciary
Subcommittee on May 3, 1994, Assistant Attorney General Jo Ann
Harris asserted that:
As the Administration has made clear on a number of
occasions, the key-escrow encryption initiative is a
voluntary one; we have absolutely no intention of
mandating private use of a particular kind of
cryptography, nor of criminalizing the private use of
certain kinds of cryptography.
According to EPIC Legal Counsel David Sobel, the newly-
disclosed information "demonstrates that the architects of the
Clipper program -- NSA and the FBI -- have always recognized that
key-escrow must eventually be mandated. As privacy advocates and
industry have always said, Clipper does nothing for law
enforcement unless the alternatives are outlawed."
Scanned images of several key documents are available via the
World Wide Web at the EPIC Home Page:
http://www.epic.org/crypto/ban/fbi_dox/
-30-
David Banisar (Banisar@epic.org) * 202-544-9240 (tel)
Electronic Privacy Information Center * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301 * HTTP://epic.org
Washington, DC 20003 * ftp/gopher/wais cpsr.org
[ This information should of course be a surprise to nobody who has
followed this topic. Such conclusions were obvious from the start, and
various concerns regarding encryption have been made clear enough in
past Congressional testimony and reports. However, there is a
considerable jump between concluding that Clipper will fail without
legislation banning other encryption, and actually submitting such
legislation, passing it, and having it withstand court scrutiny.
The opposition to such an attempt would no doubt be quite dramatic, to
put it mildly. Since it's clear that there's really no way to stop all
non-Clipper encryption, it seems likely that legislative efforts would
concentrate on banning non-compliant encryption in hardware devices, in
conjunction with the commission of crimes, and similar specified
areas. In the case of crimes, onerous additional penalties might be
enacted to discourage use of such systems--just as penalties are much
higher for committing many crimes with firearms.
Regardless of any "limitations" to the intended focus of such
legislative efforts, the effect of any such moves to ban non-Clipper
encryption could be chilling to personal privacy, industry, commerce,
and other areas of daily life, to a degree that's difficult to
underestimate as we pass into the true information age.
Comments on all sides of this issue are invited.
-- MODERATOR ]
------------------------------
Date: Fri, 18 Aug 1995 17:21:46 -0700 (PDT)
From: gmusser@stars.SFSU.EDU (George Musser)
Subject: A question about membership lists on the WWW
Hi everybody,
I've just joined the privacy list, and I'm hoping that someone
can point me in the right direction with a question we're having
about the privacy of our membership list.
We are a nonprofit professional and educational organization with roughly
6,000 members worldwide. We would like to make our membership directory
available in a seachable form on our World Wide Web page, since many members
have requested this. But some of us are concerned about the legal and
ethical implications of making the membership directory available in such a
public forum.
On the one hand, we do sell our membership lists to other organizations, minus
the names of people who have asked that their names not be sold. On the other
hand, we are worried that publishing on the web is fundamentally different
from the one-time contractual sale of our database. We plan to place a box on
the next membership dues billing to ask whether members would like to opt out.
Should we wait until all members have had a chance to look at this bill before
we put the directory on the web?
I hope that our siutation is clear; if not please do not hestitate to contact
me. Thank you for your help.
George
--
George Musser Editor, Mercury magazine
Astronomical Society of the Pacific gmusser@stars.sfsu.edu
390 Ashton Avenue 415-337-1100 (o)
San Francisco, CA 94112-1787 415-337-5205 (fax)
[ Once your membership information is made available on the
net, it becomes essentially public data, and can
never be effectively revoked. I'd urge you to not
include data for members who have not specifically
chosen to opt-in to such publication. Allowing them
to opt-out is not really good enough in this situation.
The default should be that their information is not
released via the net.
-- MODERATOR ]
------------------------------
Date: Mon, 7 Aug 95 23:13:11 UT
From: Brant Freer <BFreer@msn.com>
Subject: Microsoft's Explanation of the Registration Wizard
I pulled this statement from Microsoft's Web Site at:
http://www.microsoft.com/windows/pr/regwiz.htm
"Microsoft Windows 95
On-line Registration Feature Preserves User Privacy
May 30, 1995 -
Microsoft today responds to customer confusion with the on-line registration
option of Windows 95. Microsoft reassures customers the on-line registration
feature preserves user privacy. The confusion began last week when an
industry publication incorrectly reported that the on-line registration
option sent information on customers' computer systems to Microsoft without
consent. This article, and several subsequent posts on the Internet, alleging
the unauthorized query and sending of customer information, are not accurate.
In fact, the on-line registration option is simply an electronic version of
the paper-based registration card that will ship in the Windows 95 product
box. Similar to many paper-based registration cards, on-line registration is
completely optional and allows customers to provide their system information
for product support and marketing purposes.
The on-line registration option in Windows 95 provides a more convenient and
accurate method for registering than the paper-based card that comes in the
product box. This is because the information is gathered directly from the
local computer rather than requiring the user to guess their system
information, and then type it and send via a separate card.
The on-line registration process uses three steps to register customers.
Customers are asked to provide information such as Customer Name, Company
Name, Address and Phone Number. Customers are then presented the option of
providing information about their computer system's configuration. A screen
displays a list of the computer system's configuration information - such as
the processor type, amount of RAM and hard disk space, and hardware
peripherals such as network card, CD-ROM drive, and sound card. This
information is gathered by the registration program which queries the system
registry of the local computer. Customers must review and explicitly choose
to provide the information or it is not sent. Customers are then presented
with a list of application programs that reside on the local computer and
asked if they would like to provide this information as well. The list of
products is gathered by the registration program which looks for a list of
programs on the local hard disk. The user must again explicitly choose to
provide this information as part of the registration process or it is not
sent.
Once the user chooses to send the information, the registration process
completes by sending the registration information to Microsoft. On-line
registration uses the transport of the Microsoft Network to send the
information. The customer does not have to be a Microsoft Network subscriber
to register on-line, and once registered, the customer is not a Microsoft
Network subscriber. Registering Windows 95 is a separate process from
signing up for the Microsoft Network. Contrary to reports, the on-line
registration feature does not query serial numbers or product registration
information designed to fight software piracy. It also does not query
computers on the local or wide-area network. For a list of the exact
information gathered by on-line registration, the user can view the
REGINFO.TXT file found in the C:\WINDOWS directory of the local computer.
The on-line registration feature of Windows 95 is an option for customers
that makes registering Windows 95 more accurate and convenient. Providing
computer-specific configuration information is strictly up to the customer.
The registration information helps Microsoft build better products, as well
as offer customers better information on their programs and better product
support."
[ While it's nice to see confirmation that Win95 doesn't run off
and shoot all sorts of data up the line without permission,
this explanation doesn't address the key point of how such
data will be used. The blurb does mention "marketing", and
that covers an awfully broad area, especially when the
Wizard can send out a list of the other packages installed on
your system.
To say that this mechanism replaces paper registrations might be
true, but without a doubt the amount and level of detail, not to
mention the response rate, is obviously going to be vastly higher
than with standard registrations that usually ask for very little
information about your configuration, other products you run, and
the like. Keeping in mind that most users of these systems are
not computer experts, most persons will probably just answer "yes"
to the upload queries without thinking twice about how that info
might be used. According to press accounts, this concern has caused
various commercial and government entities with large installed
bases of PCs to either ban the use of Win95, or to construct
elaborate firewalls to prevent their users from naively uploading
configuration and installed product information that the entity
involved considers to be none of Microsoft's business.
There appear to be other significant risks associated with the
tight coupling of Win95 with Microsoft's online service as
well. See the next message for more.
-- MODERATOR ]
------------------------------
Date: Fri, 18 Aug 1995 08:34:28 -0700
From: andyc@praxiss.demon.co.uk
Subject: The MSN is Hacker Heaven
[ From Risks-Forum Digest; Volume 17 : Issue 27 -- MODERATOR ]
{ Below is an article, forwarded with the authors permission. The risks are
obvious. I wonder how the risks can be reduced. Andy Chesterton }
As most of us are aware, the commercial online services, such as AOL,
Compuserve and Prodigy, represent certain risk to the unsophisticated user.
Unfortunately, the Microsoft Network (MSN) raises the vulnerability of such
users to unprecedented heights.
Key to this vulnerability is the richness and complexity of the MSN/Windows
95 environment. What is most dangerous is the ability for the author of an
e-mail or (certain) BBS documents to embed "objects" in that document. These
objects can be readily disquised to appear totally benign to the casual user
and be nothing more than MSN navigational aids. Once double-clicked by the
recipient, these objects can readily infect the recipient's PC with a virus.
Worse, what this object could do is only limited by one's imagination. It
is worthwhile noting that MSN appears to be migrating to an open
architecture, with the MSN user connecting through the Internet. If this is
true, there is nothing which prevents an object, once activated, from
transmitting information stored on the user's PC to any other location on
the Internet.
In theory, embedded objects can be interrogated to ensure their validity.
Unfortunately, this interrogation process is not likely to be carried out by
the average user. Even if it is, the user is not likely to understand what
they are looking at. It is like warning automobile drivers to look under
the hood of their car before starting it to make sure there is not a bomb
inside. Most drivers would assume that the odds were with them. Those that
did check would have no idea what they were looking at. (At least that's my
feeling when I look under the hood of my car :-).
Microsoft's position appears to be that the MSN user is no more vulnerable
than one who uses a competing system. I would maintain that this position
is just not true. With system complexity comes excessive vulnerability.
MSN rates a 9 in complexity. The other services a 4.
The bottom line: Users of MSN are placing themselves at significant risk.
If one must use MSN, avoid at all cost activating (double-clicking) objects
in e-mail messages and BBS posts. Sophisticated users may think they know
what they are doing, but it probably won't be long before they are outwitted
by someone who figures out how to totally disguise an object's true purpose.
----------------
Date: Sat, 19 Aug 1995 08:58:06 -0400 (EDT)
From: fc@all.net (Dr. Frederick B. Cohen)
Subject: The Info-Sec Super Journal
Management Analytics is proud to announce the Info-Sec Super-Journal.
The Info-Sec Super-Journal is an on-line collection of doubly refereed
papers. By working out arrangements with various publishers and
authors, we have gotten permission to republish the best information
security articles in an on-line format. Most of our articles have
previously appeared in refereed publications and are now being made
available via the World Wide Web as part of Info-Sec Heaven's ongoing
effort to make top-flight info-sec information readily available.
The Info-Sec Super-Journal is now available through our World Wide Web
server (see details below). We welcome your comments and participation.
--
See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
------------------------------
Date: 16 Aug 1995 07:51:10 U
From: "Dave Banisar" <banisar@epic.org>
Subject: Final Program - AST 9/4/95
ANNOUNCEMENT OF FINAL PROGRAM
Advanced Surveillance Technologies
A one day public conference
sponsored by
Privacy International and
Electronic Privacy Information Center
4 September 1995
Grand Hotel Copenhagen, Denmark
Overview
Recent developments in information technology are leading to the
creation of surveillance societies throughout the world. Advanced
information systems offer an unprecedented ability to identify,
monitor, track and analyse a virtually limitless number of
individuals. The factors of cost, scale, size, location and distance
are becoming less significant.
The pursuit of perfect identity has created a rush to develop systems
which create an intimacy between people and technology. Advanced
biometric identification and ID card systems combine with real-time
geographic tracking to create the potential to pinpoint the location
of any individual. The use of distributed databases and data matching
programs makes such activities economically feasible on a large
scale.
Extraordinary advances have recently been made in the field of visual
surveillance. Closed Circuit Television (CCTV) systems can digitally
scan, record, reconfigure and identify human faces, even in very poor
light conditions. Remote sensing through advanced satellite systems
can combine with ground databases and geodemographic systems to
create mass surveillance of human activity.
Law is unlikely to offer protection against these events. The
globalisation of information systems will take data once and for all
away from the jurisdiction of national boundaries. The development of
data havens and rogue data states is allowing highly sensitive
personal information to be processed without any legal protection.
These and other developments are changing the nature and meaning of
surveillance. Law has scarcely had time to address even the most
visible of these changes. Public policy lags behind the technology by
many years. The repercussions for privacy and for numerous other
aspects of law and human rights need to be considered immediately.
Advanced Surveillance Technologies will present an overview of these
leading-edge technologies, and will assess the impact that they are
likely to have in the immediate future. Technology specialists will
discuss the nature and application of the new technologies, and the
public policy that should be developed to cope with their use.
The conference will also bring together a number of Data Protection
Commissioners and legal experts to assess the impact of the new
European data protection directive. We assess whether the new rules
will have the unintended result of creating mass surveillance of the
Internet.
The conference will be held in Copenhagen, and is timed to co-incide
with the annual international meeting of privacy and data protection
commissioners.
PROGRAM
10.00 - Introduction and Welcome
10.10 Keynotes
Simon Davies, Director General, Privacy International and Visiting
Law Fellow, University of Essex, UK,
"Fusing Flesh and Machine"
This lively introduction will provide an overview of recent trends in
technology, culture and politics that are bringing about an era of
universal surveillance. The paper concentrates on the theme of
fusion, in which data and data subjects are being brought into more
intimate contact. The creation of an informational imperative
throughout society is leading to the degradation of privacy as a
fundamental right. As a result, there are few remaining boundaries to
protect the individual from surveillance.
Steve Wright, Director, Omega Foundation, UK
'New Surveillance Technologies & Sub-state Conflict Control.
This talk will cover the role and function of new surveillance
technologies; an overview of the state of the art and some of the
consequences eg the policing revolution - with a move away from
firebrigade policing towards prophylactic or pre-emptive policing
where each stop and search is preceded by a data check. The emergence
of new definitions of subversion to justify new data gathering
activities and an increasing internal role for the intelligence
agencies now that the cold war has ended. It will show how
different surveillance and computer technologies are being integrated
and how such information and intelligence gathering is linked into
more coercive forms of public order policing when tension indicators
rise during a crisis.
11:15 - 11:30 Break
11.30 - 12.45 Regulation versus freedom
The European Data protection Directive will establish a common
privacy position throughout Europe. Its intention is to safeguard
personal privacy throughout the Union, yet already there are glaring
conflicts with the freedom of information flows on the net. This
section discusses the threat of universal surveillance of the net
caused by the new laws.
Frank Koch, Rechtsanwalt, Munchen, Germany
European Data Protection : Against the Internet ?
Data Protection, according to the Common Position (CP) of the
European Union, requires control over the medium used for transfers
of personal data, the recipients of these data, and the way these
data are used. The open structure of the Internet seems to be quite
incompatible with these requirements. The member States and the
controllers within them are required to take all steps to ensure that
personal data are not transferred into communication nets that do
not conform to the CP. This paper will discuss why personal data will
be prevented from being freely transferred throughout the internet,
and how this will affect users of the net.
Malcolm Norris, Data Protection Registrar, Isle of Mann
Enforcing privacy through surveillance?
The need for a Europe-wide privacy directive is pressing. Greater
amounts of personal data are flowing to a growing number of sites.
Yet, without care, there is a risk that such laws could have the
unintended consequence of causing widespread surveillance of
activities of net users. The fact that unprotected personal data
should not be flowing on the net might at some point provoke
authorities to routinely surveil net data. This paper discusses these
dilemmas, and suggests measures that might avoid the threat of
universal surveillance.
Lunch Break 12:30 - 1:45
1.45 - 3.15 Perfect surveillance
In many countries, the era of the private person is at an end.
Information surveillance, automatic visual recognition and geographic
tracking are at an advanced stage, and are set to imperil privacy.
This panel will discuss developments in surveillance, including
advanced Closed Circuit TV, satellite remote sensing, Intelligent
Vehicle Highway Systems, and forward looking infrared radar.
Phil Agre, University of California, Advanced tracking technologies
Ambitious plans for advanced transport informatics have brought
serious privacy concerns. Computerized tracking of both industrial
and private vehicles may not be consciously intended to reproduce the
erstwhile internal passport systems of the Soviet Union and South
Africa, but deeply ingrained technical methodologies may produce the
same result nonetheless. This presentation surveys some of the
purposes behind ongoing transport informatics programs, including
integrated logistics systems and regulatory automation. It offers a
conceptual analysis of "tracking" in technical practice. The most
serious dangers to individual liberty and civic participation can be
greatly alleviated, though, through the systematic use of digital
cash and other technologies of anonymity. At the moment, this
prospect seems much more likely in Europe than in the United States.
Simon Davies, Privacy international, Closed Circuit Television and
the policing of public morals
The use of Closed Circuit Television (CCTV) camera systems has become
a key plank in the law and order strategy of the British government.
Most cities in Britain are constructing powerful, integrated CCTV
systems to surveil shopping areas, housing estates and other public
areas. Although there is some evidence that this extraordinary
strategy is having an effect on crime figures, it is also becoming
apparent that the cameras are increasingly used to enforce public
morals and public order. The use of new visual information processing
technologies is leading to numerous unintended purposes for the
cameras, including automated crowd control and automated face
recognition.
Detlef Nogala, University of Hamburg, Germany, Techno-policing
Technology has been used for many years for surveillance purposes,
and the last decades have seen a rapid proliferation of different
surveillance technologies into the civilian realm. Today there is a
whole industry which is trying to direct the momentum of military
surveillance technologies into the civilian security market. But
there is a difference between some spectacular applications (like the
gunshot-locator system derived from submarine sonar-technology) and
common applications on a mass basis (like smart cards with digitally
stored fingerprints). Among the "counterforces" like data-protection
laws, political opposition or consumer politics a deficit in
financial resources is not the least one. It is clear that most
surveillance agencies are trapped in the contradiction between
maximum performance and economy. This paper discusses the various
forces and influences that bear upon a decision to implement
particular technologies of surveillance.
3:00 - 3:15 Break
3:15 - 4:30 Solutions
This session will discuss a range of responses to the new era of
surveillance. These include regulation, consumer action, and the
development of privacy friendly technologies.
Dave Banisar, Electronic Privacy Information Center, Washington DC
Encryption and the threat of universal surveillance of the net
Encryption is one technological solution to the problem of privacy
invasion and surveillance, yet encryption also provides an excuse for
governments to undertake surveillance of citizens. Documents recently
secured by EPIC indicate that US Law enformcent and intelligence agencies
had planned to implement a two stage strategy for its Clipper Chip
encryption policy, resulting in non-official encryption being made
illegal, and thus providing an opportunity for law enforcement
authorities to engage in limitless surveillance of communications.
This talk discusses the dilemma facing supporters of encryption.
Bruce Slane, Privacy Commissioner, New Zealand.
Some positive aspects of privacy law
In this talk, New Zealand Privacy Commissioner Bruce Slane presents a
number of positive aspects of legal regulation of information flows.
He describes areas where law is being successfully used to enforce
responsible information practices.
4:30- 5:00 Conclusion and Wrap-up
Number of participants : approximately sixty
Costs: US $75 - Individuals/non-profit organizations
$175 - Commercial organizations
Venue : Grand Hotel, Vesterbrogade 9.
DK -1620, Copenhagen V, Denmark
For further Information and registration please contact :
Dave Banisar
Privacy International Washington Office
666 Pennsylvania Ave, SE, Suite 301
Washington, DC 20003 USA
1-202-544-9240 (phone)
1-202-547-5482 (fax)
email : pi@privacy.org
Web address: privacy.org/pi/conference/
David Banisar (Banisar@privacy.org) * 202-544-9240 (tel)
Privacy International Washington Office * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301 * HTTP://www.privacy.org
Washington, DC 20003
------------------------------
End of PRIVACY Forum Digest 04.18
************************
Copyright © 2005 Vortex Technology. All Rights Reserved.