|
Computer Privacy Digest Vol 2 #020
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Computer Privacy Digest Thu, 25 Feb 93 Volume 2 : Issue: 020
Today's Topics: Moderator: Dennis G. Rears
Re: Digitizing signatures for credit card purchases
Re: Digitizing signatures for credit card purchases
Re: Digitizing signatures for credit card purchases
Privacy of Police Reports
Anonymity/Pseudonymity and Email/Usenet
Civil Rights Story: originally Radar Detectors, believe it or not
THE VIDEOPHONE
Re: Digitizing signatures for credit card purchases
Re: Digitizing signatures for credit card purchases
Re: Digitizing signatures for credit card purchases
Privacy of Police Reports
Anonymity/Pseudonymity and Email/Usenet
Civil Rights Story: originally Radar Detectors, believe it or not
THE VIDEOPHONE
The Computer Privacy Digest is a forum for discussion on the
effect of technology on privacy. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy
(Moderated). Submissions should be sent to
[email protected] and administrative requests to
[email protected].
Back issues are available via anonymous ftp on ftp.pica.army.mil
[129.139.160.133].
----------------------------------------------------------------------
From: John De Armond <jgd@dixie.com>
Subject: Re: Digitizing signatures for credit card purchases
Date: Tue, 23 Feb 93 08:31:10 GMT
Organization: Dixie Communications Public Access. The Mouth of the South.
[email protected] (Jeffrey Kuta) writes:
>>This is a bug in the system. There is a workaround :-) What I do is
>>two-fold. One, I have a markedly different signature that I use for
>>non-negotiable things such as shipment receipts as opposed to the one I
>>use for negotiable instruments. The second tact is to simply mark an
>>"X" on electronic signature devices.
>>
>>This isn't as satisfying as organizing a boycott or a protest but it does
>>work and it let you have one less thing to worry about.
>I kinda like that 'X' tactic. But I'd appreciate it if you could give a
>little better description of "negotiable" vs. "non-nbegotiable" for those
>of us who are ignorant of those terms. :)
I don't strictly hold to the Webster's definition of "negotiable".
A check, a contract (other than "standardized" contracts), bonds,
safety deposit box access, etc fits my definition of "negotiable".
Letters, post cards, package receipts, credit card slips (because so
many people have access to them) and similar items are non-negotiable.
"Negotiable" generally means 'capable of being liquidated for cash".
John
--
John De Armond, WD4OQC |Interested in high performance mobility?
Performance Engineering Magazine(TM) | Interested in high tech and computers?
Marietta, Ga | Send ur snail-mail address to
jgd@dixie.com | perform@dixie.com for a free sample mag
Need Usenet public Access in Atlanta? Write Me for info on Dixie.com.
------------------------------
Date: Tue, 23 Feb 93 09:48:17 MST
From: Tom Wicklund <[email protected]>
Subject: Re: Digitizing signatures for credit card purchases
In comp.society.privacy, [email protected] writes:
>I got some email from someone basically asking "What's so wrong,
>they could digitize your signature from a piece of paper?"
>If you use a computerized credit card charge system where the
>ONLY receipt with your signature on it is one that THEY print
>when a charge is disputed, then you have no possibility of
>proving that you didn't make a purchase.
Many stores are going to non-computerized forms of this -- they print
you a receipt, then print a second receipt which you sign and they
keep. You don't have a receipt with your signature.
Since I doubt the store physically sends the signed receipt to the
bank, your bank also doesn't have a signed receipt unless they get it
from the store, which will have a hard time finding a particular
receipt out of the hundreds for a certain day.
>*IF* someone took your carbons or forged your signature, then
>the signature would not be yours. You could go through all of
>your receipts and see for yourself. The merchant could NOT produce
>a forged receipt with un-forged signature.
However, sometimes the customer receives the original of the signature
while the store keeps a carbon. If the store's (valid) carbon
signature is proof enough of the transaction, it's not hard for an
unscrupulous store to get your signature on an extra carbon underneath
the one you sign -- especially with new cash register printed
carbonless reciepts, in which an extra sheet underneath would be easy
to insert but hard for the customer to notice.
>However, if a merchant (or actually someone working there) wanted
>to defraud someone, they could claim you had made purchases when you
>had not. When the bank or credit card company asked for a receipt,
>they could easily produce one with your signature on it -- just like
>the other ten thousand receipts they "keep on-line". Obviously,
>you did make the purchase since the signature is yours and is not
>forged.
True, this will be simpler -- though for systems like the one
originally described I'm not too worried -- I doubt it has a built in
ability to patch an arbitrary signature on an arbitrary receipt.
I wonder how important the signature is. Many companies operate mail
order by taking phone orders. These companies never get a signature
from the purchaser, yet I haven't heard of either massive abuse of
credit card numbers (there are some, but it's not industry wide).
Hotels also routinely take card numbers for guaranteed reservations
and I assume they sometimes run the charges through.
I assume credit card companies would need to handle digitized
signatures in the same way they handle lack of signature. In both
cases it's possible to create a fraudulent charge for which the card
holder has no record.
------------------------------
From: Rhonda Landy <[email protected]>
Date: Wed, 24 Feb 93 13:17:02 PST
Subject: Re: Digitizing signatures for credit card purchases
Dean Collins writes:
>I agree. It's things like this that give me chills down the spine.
>Neither a computerized signature nor a paper signature is safe
>since both are easily reproduced. For this reason a signature
>will no longer be accepted as a valid authentication method
>in a few short years. We will undoubtably move to more secure
>procedures, such as retinal scans or DNA fingerprints.
Man oh man! And the thought of that *doesn't* put chills down your spine?
The more secure the procedure, the more they can invade your privacy.
Retinal scans and DNA fingerprints will play *hell* with trying to set
up a new identity for oneself. What will happen to witness protection
programs? And what if retinal scans can be done without your noticing,
say through a hidden camera zoom lens? Then I couldn't even make a cash
purchase anonymously. (shudder)
------------------------------
Date: Wed, 24 Feb 93 13:54 EST
From: [email protected]
Subject: Privacy of Police Reports
I am working on a project involving issues of personal privacy and
police and motor vehicle records. Specifically, a question has been
raised about the legality of a private group which publishes
newsletters and periodicals obtaining police reports, criminal history
records, and licence plate checks from "friendly" law enforcement
sources. I understand that this is a question of state law in most
states. Can anyone advise where I might find a compendium of state
privacy statutes which would cover the question of whether it it
illegal to receive such information?
------------------------------
From: Wes Morgan <[email protected]>
Subject: Anonymity/Pseudonymity and Email/Usenet
Organization: University of Kentucky Engineering Computing Center
Date: Thu, 25 Feb 1993 16:08:00 GMT
I'm going to avoid the "right to privacy" and "freedom of the net"
discussions for the moment; I'd like to address a more fundamental
question.
I think that the bigger issue is one that most participants in this dis-
cussion have not considered, namely:
Can our current network(s) support anonymous/pseudonymous work
*with the proper respect* for anonymity/pseudonymity?
I say that it cannot. I say this for several reasons:
- There are many means by which users can "spy on" the terminals
of other users. There are commercial products that allow such
monitoring without the user's knowledge.
- Almost *anyone* can monitor a local network. For instance,
there are several freely available programs that turn a net-
worked PC into a real-time network monitor. Someone here at
UK could be recording my every keystroke, and I'd never know
it.
- Most real-time traffic (e.g. TCP/IP traffic) from a given site
goes through a single point of control to reach the 'outside
world'. There's another opportunity for monitoring and
violation of confi- dentiality. If a site gateways into
CERFNet (for example), I wouldn't be surprised if
that gateway saw every bit of traffic flying across the
CERFNet backbone. If your local firewall/gateway has acutal
users (as opposed to a standalone system), they could
conceivably see every piece of email flying through the
gateway.
- Electronic mail is not necessarily a point-to-point channel. Your
message may sit in a mail queue on your local machine; that's
an opportunity for loss of confidentiality. (without even
reading the message itself, depending on the information
provided in mail logs) On some systems, *any* user can list
the messages in the email queue. If the message cannot be
delivered directly, it will sit in similar queues at several
other systems before reaching its destination. I've seen
email messages (and Usenet postings) that travelled through
12-15 systems before reaching me.
- Almost *any* email administrator (or list owner, for that
matter) can examine messages in the queue. 'Nuff said.
- In some cases, queues can be examined by third parties. (other
than the aforementioned administrators) For instance, I can
retrieve quite a bit of information about queued BITNET files,
even if they are not travelling through my site. (At one time,
it was possible to examine the headers of queued RSCS files on
other systems, which revealed the sending and destination
addresses; this may no longer be possible.)
- Most electronic mail systems return "bounced mail" messages when
email cannot be delivered. Most of these messages, in turn, in-
clude the headers of the failed message and the content of the
message itself.
- Of course, all multi-user computer systems are (almost by definition)
insecure. If someone breaches security on a system, they
probably have access to everything on the system. 'Nuff
said.
If you want to entrust your anonymity/confidentiality to such a large
audience spread over (possibly) dozens of sites, I guess you can do so;
*I* wouldn't trust "network anonymity" as far as I could throw it. (I
wonder what a "bounced mail" message from an anonymous service reveals.)
In conclusion, I do not believe that the current network structure can
properly support anonymity/pseudonymity. Those who maintain that it can
do so are merely fooling themselves; this false sense of privacy (or
security, or confidentiality) should not be encouraged. The foremost
rule of electronic communications is still, in my opinion, the first rule
taught to me:
Never entrust anything to electronic communications that you
would not wish to see in your local newspaper.
At a minimum, I would use encryption techniques on *every* anonymous
or pseudonymous message. I've seen postings using PGP and other public
key schemes; that's a step in the right direction. Plaintext *cannot*
be considered secure or confidential in today's network environment; no
'alias server' or third-party email forwarding can provide the level of
privacy/confidentiality you want.
--Wes
--
MORGAN@UKCC | Wes Morgan | ...!ukma!ukecc!morgan
[email protected] | University of Kentucky | morgan@wuarchive.wustl.edu
[email protected] | Lexington,Kentucky USA | [email protected]
Mailing list for AT&T StarServer S/E - [email protected]
------------------------------
From: [email protected]
Subject: Civil Rights Story: originally Radar Detectors, believe it or not
Organization: University of Lowell
Date: Thu, 25 Feb 1993 21:15:18 GMT
> I don't know about you, but if a rusty '75 Ford was trying to pull
> me over, I wouldn't pull over, whether they had an official looking
> light/siren or not. I'd have to see more evidence that this wasn't
> some scheme someone was using to rob me.
I hope I am not wandering too far from the purpose of this group, but
your paragraph reminds of a story my son told us.
He is taking junior year abroad in Europe, and took advantage of the
Christmas vacation to travel using one of those "all the Europe you
can travel in 2 weeks by rail" deals. He does not speak French well.
Not only does he have long hair, but he had lost his razor and looked
grungier than ever. He got off the train, and a man in plain clothes
said something to him; he figured it might be a pickpocket, and mumbled
something back. The man became more insistent, said he was a customs
official, and asked him <to open his bag, or show ID, or something>.
Son asked him to show ID that he was a customs official; I heartily agree
with son, at least in the USA. And that, without going any further,
is the real point of my question. If they had arrested son, I am sure
(from watching TV, 8-) ) that the case would get thrown out of court in
this country; what would happen in France? what are your rights?
For the idly curious, now that I have taken you this far, the man said
something like, "OK. I will identify myself, but I am getting mad".
(and added something like "I will give you one chance" if I recall).
I guess I never did get what his ID looked like; but son in return shows him
passport. Apparently this was sort of overkill; officer was looking for
less; he says something to the effect of "it is you Americans we have all
the trouble with". [This coincides with stories that French people hate
American tourists.] But, as a result he let son go without looking in
his bags at all.
Sidelight: older son had studied in France for a year. He says that one
reason for the trouble is that the train originated in Amsterdam (a source
of drugs), although that is not where his brother got on. Adding that to
"beatnik" looks is a red flag for customs.
--
Brendan Welch, UMass/Lowell, W1LPG, [email protected]
------------------------------
From: Michael Freudenthal <[email protected]>
Subject: THE VIDEOPHONE
Date: Thu, 25 Feb 1993 22:00:23 GMT
Organization: University of Illinois
I am currently doing research on the videophone. I am interested on the
positive and negative aspects the videophone will bring into the
workforce and at home. If anyone has any information, I would really
appreciate it.
------------------------------
From: John De Armond <jgd@dixie.com>
Subject: Re: Digitizing signatures for credit card purchases
Date: Tue, 23 Feb 93 08:31:10 GMT
Organization: Dixie Communications Public Access. The Mouth of the South.
[email protected] (Jeffrey Kuta) writes:
>>This is a bug in the system. There is a workaround :-) What I do is
>>two-fold. One, I have a markedly different signature that I use for
>>non-negotiable things such as shipment receipts as opposed to the one I
>>use for negotiable instruments. The second tact is to simply mark an
>>"X" on electronic signature devices.
>>
>>This isn't as satisfying as organizing a boycott or a protest but it does
>>work and it let you have one less thing to worry about.
>I kinda like that 'X' tactic. But I'd appreciate it if you could give a
>little better description of "negotiable" vs. "non-nbegotiable" for those
>of us who are ignorant of those terms. :)
I don't strictly hold to the Webster's definition of "negotiable".
A check, a contract (other than "standardized" contracts), bonds,
safety deposit box access, etc fits my definition of "negotiable".
Letters, post cards, package receipts, credit card slips (because so
many people have access to them) and similar items are non-negotiable.
"Negotiable" generally means 'capable of being liquidated for cash".
John
--
John De Armond, WD4OQC |Interested in high performance mobility?
Performance Engineering Magazine(TM) | Interested in high tech and computers?
Marietta, Ga | Send ur snail-mail address to
jgd@dixie.com | perform@dixie.com for a free sample mag
Need Usenet public Access in Atlanta? Write Me for info on Dixie.com.
------------------------------
Date: Tue, 23 Feb 93 09:48:17 MST
From: Tom Wicklund <[email protected]>
Subject: Re: Digitizing signatures for credit card purchases
In comp.society.privacy, [email protected] writes:
>I got some email from someone basically asking "What's so wrong,
>they could digitize your signature from a piece of paper?"
>If you use a computerized credit card charge system where the
>ONLY receipt with your signature on it is one that THEY print
>when a charge is disputed, then you have no possibility of
>proving that you didn't make a purchase.
Many stores are going to non-computerized forms of this -- they print
you a receipt, then print a second receipt which you sign and they
keep. You don't have a receipt with your signature.
Since I doubt the store physically sends the signed receipt to the
bank, your bank also doesn't have a signed receipt unless they get it
from the store, which will have a hard time finding a particular
receipt out of the hundreds for a certain day.
>*IF* someone took your carbons or forged your signature, then
>the signature would not be yours. You could go through all of
>your receipts and see for yourself. The merchant could NOT produce
>a forged receipt with un-forged signature.
However, sometimes the customer receives the original of the signature
while the store keeps a carbon. If the store's (valid) carbon
signature is proof enough of the transaction, it's not hard for an
unscrupulous store to get your signature on an extra carbon underneath
the one you sign -- especially with new cash register printed
carbonless reciepts, in which an extra sheet underneath would be easy
to insert but hard for the customer to notice.
>However, if a merchant (or actually someone working there) wanted
>to defraud someone, they could claim you had made purchases when you
>had not. When the bank or credit card company asked for a receipt,
>they could easily produce one with your signature on it -- just like
>the other ten thousand receipts they "keep on-line". Obviously,
>you did make the purchase since the signature is yours and is not
>forged.
True, this will be simpler -- though for systems like the one
originally described I'm not too worried -- I doubt it has a built in
ability to patch an arbitrary signature on an arbitrary receipt.
I wonder how important the signature is. Many companies operate mail
order by taking phone orders. These companies never get a signature
from the purchaser, yet I haven't heard of either massive abuse of
credit card numbers (there are some, but it's not industry wide).
Hotels also routinely take card numbers for guaranteed reservations
and I assume they sometimes run the charges through.
I assume credit card companies would need to handle digitized
signatures in the same way they handle lack of signature. In both
cases it's possible to create a fraudulent charge for which the card
holder has no record.
------------------------------
From: Rhonda Landy <[email protected]>
Date: Wed, 24 Feb 93 13:17:02 PST
Subject: Re: Digitizing signatures for credit card purchases
Dean Collins writes:
>I agree. It's things like this that give me chills down the spine.
>Neither a computerized signature nor a paper signature is safe
>since both are easily reproduced. For this reason a signature
>will no longer be accepted as a valid authentication method
>in a few short years. We will undoubtably move to more secure
>procedures, such as retinal scans or DNA fingerprints.
Man oh man! And the thought of that *doesn't* put chills down your spine?
The more secure the procedure, the more they can invade your privacy.
Retinal scans and DNA fingerprints will play *hell* with trying to set
up a new identity for oneself. What will happen to witness protection
programs? And what if retinal scans can be done without your noticing,
say through a hidden camera zoom lens? Then I couldn't even make a cash
purchase anonymously. (shudder)
------------------------------
Date: Wed, 24 Feb 93 13:54 EST
From: [email protected]
Subject: Privacy of Police Reports
I am working on a project involving issues of personal privacy and
police and motor vehicle records. Specifically, a question has been
raised about the legality of a private group which publishes
newsletters and periodicals obtaining police reports, criminal history
records, and licence plate checks from "friendly" law enforcement
sources. I understand that this is a question of state law in most
states. Can anyone advise where I might find a compendium of state
privacy statutes which would cover the question of whether it it
illegal to receive such information?
------------------------------
From: Wes Morgan <[email protected]>
Subject: Anonymity/Pseudonymity and Email/Usenet
Organization: University of Kentucky Engineering Computing Center
Date: Thu, 25 Feb 1993 16:08:00 GMT
I'm going to avoid the "right to privacy" and "freedom of the net"
discussions for the moment; I'd like to address a more fundamental
question.
I think that the bigger issue is one that most participants in this dis-
cussion have not considered, namely:
Can our current network(s) support anonymous/pseudonymous work
*with the proper respect* for anonymity/pseudonymity?
I say that it cannot. I say this for several reasons:
- There are many means by which users can "spy on" the terminals
of other users. There are commercial products that allow such
monitoring without the user's knowledge.
- Almost *anyone* can monitor a local network. For instance,
there are several freely available programs that turn a net-
worked PC into a real-time network monitor. Someone here at
UK could be recording my every keystroke, and I'd never know
it.
- Most real-time traffic (e.g. TCP/IP traffic) from a given site
goes through a single point of control to reach the 'outside
world'. There's another opportunity for monitoring and
violation of confi- dentiality. If a site gateways into
CERFNet (for example), I wouldn't be surprised if
that gateway saw every bit of traffic flying across the
CERFNet backbone. If your local firewall/gateway has acutal
users (as opposed to a standalone system), they could
conceivably see every piece of email flying through the
gateway.
- Electronic mail is not necessarily a point-to-point channel. Your
message may sit in a mail queue on your local machine; that's
an opportunity for loss of confidentiality. (without even
reading the message itself, depending on the information
provided in mail logs) On some systems, *any* user can list
the messages in the email queue. If the message cannot be
delivered directly, it will sit in similar queues at several
other systems before reaching its destination. I've seen
email messages (and Usenet postings) that travelled through
12-15 systems before reaching me.
- Almost *any* email administrator (or list owner, for that
matter) can examine messages in the queue. 'Nuff said.
- In some cases, queues can be examined by third parties. (other
than the aforementioned administrators) For instance, I can
retrieve quite a bit of information about queued BITNET files,
even if they are not travelling through my site. (At one time,
it was possible to examine the headers of queued RSCS files on
other systems, which revealed the sending and destination
addresses; this may no longer be possible.)
- Most electronic mail systems return "bounced mail" messages when
email cannot be delivered. Most of these messages, in turn, in-
clude the headers of the failed message and the content of the
message itself.
- Of course, all multi-user computer systems are (almost by definition)
insecure. If someone breaches security on a system, they
probably have access to everything on the system. 'Nuff
said.
If you want to entrust your anonymity/confidentiality to such a large
audience spread over (possibly) dozens of sites, I guess you can do so;
*I* wouldn't trust "network anonymity" as far as I could throw it. (I
wonder what a "bounced mail" message from an anonymous service reveals.)
In conclusion, I do not believe that the current network structure can
properly support anonymity/pseudonymity. Those who maintain that it can
do so are merely fooling themselves; this false sense of privacy (or
security, or confidentiality) should not be encouraged. The foremost
rule of electronic communications is still, in my opinion, the first rule
taught to me:
Never entrust anything to electronic communications that you
would not wish to see in your local newspaper.
At a minimum, I would use encryption techniques on *every* anonymous
or pseudonymous message. I've seen postings using PGP and other public
key schemes; that's a step in the right direction. Plaintext *cannot*
be considered secure or confidential in today's network environment; no
'alias server' or third-party email forwarding can provide the level of
privacy/confidentiality you want.
--Wes
--
MORGAN@UKCC | Wes Morgan | ...!ukma!ukecc!morgan
[email protected] | University of Kentucky | morgan@wuarchive.wustl.edu
[email protected] | Lexington,Kentucky USA | [email protected]
Mailing list for AT&T StarServer S/E - [email protected]
------------------------------
From: [email protected]
Subject: Civil Rights Story: originally Radar Detectors, believe it or not
Organization: University of Lowell
Date: Thu, 25 Feb 1993 21:15:18 GMT
> I don't know about you, but if a rusty '75 Ford was trying to pull
> me over, I wouldn't pull over, whether they had an official looking
> light/siren or not. I'd have to see more evidence that this wasn't
> some scheme someone was using to rob me.
I hope I am not wandering too far from the purpose of this group, but
your paragraph reminds of a story my son told us.
He is taking junior year abroad in Europe, and took advantage of the
Christmas vacation to travel using one of those "all the Europe you
can travel in 2 weeks by rail" deals. He does not speak French well.
Not only does he have long hair, but he had lost his razor and looked
grungier than ever. He got off the train, and a man in plain clothes
said something to him; he figured it might be a pickpocket, and mumbled
something back. The man became more insistent, said he was a customs
official, and asked him <to open his bag, or show ID, or something>.
Son asked him to show ID that he was a customs official; I heartily agree
with son, at least in the USA. And that, without going any further,
is the real point of my question. If they had arrested son, I am sure
(from watching TV, 8-) ) that the case would get thrown out of court in
this country; what would happen in France? what are your rights?
For the idly curious, now that I have taken you this far, the man said
something like, "OK. I will identify myself, but I am getting mad".
(and added something like "I will give you one chance" if I recall).
I guess I never did get what his ID looked like; but son in return shows him
passport. Apparently this was sort of overkill; officer was looking for
less; he says something to the effect of "it is you Americans we have all
the trouble with". [This coincides with stories that French people hate
American tourists.] But, as a result he let son go without looking in
his bags at all.
Sidelight: older son had studied in France for a year. He says that one
reason for the trouble is that the train originated in Amsterdam (a source
of drugs), although that is not where his brother got on. Adding that to
"beatnik" looks is a red flag for customs.
--
Brendan Welch, UMass/Lowell, W1LPG, [email protected]
------------------------------
From: Michael Freudenthal <[email protected]>
Subject: THE VIDEOPHONE
Date: Thu, 25 Feb 1993 22:00:23 GMT
Organization: University of Illinois
I am currently doing research on the videophone. I am interested on the
positive and negative aspects the videophone will bring into the
workforce and at home. If anyone has any information, I would really
appreciate it.
------------------------------
End of Computer Privacy Digest V2 #020
******************************
|
|
