Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Many people regard greasy marks on monitor screens a nuisance. If there is any danger, it is the donor who is at risk because s/he many get some verbal or perhaps (tongue in cheek?) physical abuse from subsequent users. Not so. This weekend, I cleaned the monitor of a workstation I was using in our lab. Heeding warnings about getting electric shocks from static build ups, I turned the monitor off for a minute before applying the anti-static cleaner. When I began to wipe off the water-based cleaner with a paper towel, the screen burst into flames. Blue-yellow flames may look nice with a beige plastic `dimple effect' surround, but they are not good for the skin. Apparently, so I am told, CFCs have been replaced in these aerosols by flammable propellants. The risks are clear: the housekeeping maintenance of a computer is not without its dangers. If the lab had a lower ceiling, and I was not able to blow the fire out, this story might have been a different one. Simon Marshall, Dept. of Computer Science, University of Hull, Hull HU6 7RX, UK Email: S.Marshall@Hull.ac.uk Phone: +44 482 465181 Fax: 466666
[The following was distributed here at work by our security folks. I was surprised at the degree to which cellular traffic has apparently become public speech. But then, perhaps my surprise is just a reflection of my naivete. I'm not sure how Canada's laws compare to ours, but given how difficult it must be to catch someone at this, I can't imagine things are much different here in the 'States. (But then if it's so difficult, how'd they do the study???) Dave] Two Bell Canada security managers shared some startling data with us recently. In a three-month study of the Metro Toronto area earlier this summer, Bell found that 80 percent of all cellular telephone traffic is monitored by third parties. Even more eye-opening is the fact that 60 percent of monitored calls are taped for closer scrutiny and culling of marketable information. The chance of being monitored and taped is even higher in rural areas, where air traffic is lighter. Scanners cost as little as $200, and are sold in virtually every shopping mall in Toronto. Marketable information includes the obvious — mergers, take-overs, market and product plans, but the listeners are also looking for voice/phonemail access codes and passwords. The digitized tones are translated into numbers quite easily. "Phone phreaks", the telecommunications equivalent of computer hackers, use these numbers to break into voicemail systems. One misuse which is growing in frequency is the setting up of "pirate" voicemail boxes, often by organized crime. Pirated boxes give them the ability to disseminate information on drug deals, as one example, with little or no risk of detection. We ask you to be extremely cautious when using your personal or business cellular phone. Do not discuss confidential business matters, and avoid calling in for phonemail messages via your cellular phone. David L. King, IBM SE Region Information & Telecomm Systems Services Department CAY, Mail Drop D072, 10401 Fernwood Road, Bethesda MD 20817 301 571-4349
An article by John Flinn on the front page of the San Francisco Examiner, Sunday, 1 November 1992, listed several cases of inadvertent or advertent eavesdropping, in the midst of a fine story on the problems in general. * A supposedly private conference call among SF Mayor Jordan, real-estate magnate Walter Shorenstein, and several others discussing the then not public withdrawal of George Shinn from the effort to save the SF Giants was BROADCAST on a TV frequency. * "On the first day of the Soviet coup against Mikhail Gorbachev last year, a scanner buff overheard Vice President Dan Quayle making a call from Air Force Two to Sen. John Danforth about the unfolding crisis." * "In New Hampshire, an anti-nuclear activist picked up calls made from the control room at the Seabrook nuclear plant, including one real-life Homer Simpson saying, ``I've got a bad feeling about these valves.'' " * A Green Bay Packer football player was overheard calling a male escort service and making explicit requests. * A 23-minute conversation allegedly between Princess Diana and a man who called her ``my darling Squidge'' was taped by a retired bank manager in Oxford, and transcribed in The Sun. (The woman allegedly referred to the Royal Family as ``this ****ing family''.) After discussing privacy laws, legalities, and realities, Flinn notes that at Scanners Unlimited in San Carlos, CA, "about a quarter of the customers are interested in telephone eavesdropping."
Police Officials Cited for Searching Private Computer Records
LOS ANGELES (AP, 30 Oct 1992) — More than 45 police officials have
been cited since 1989 for using department computers to check the backgrounds
of baby sitters, house sitters and others for personal reasons, records show.
"It's a very serious problem," Police Commissioner Ann Reiss Lane said. The
citations came to light after a civilian Police Commission investigator was
suspended 10 days for using department computers without permission to get
confidential data on white supremacist Tom Metzger and actor Arnold
Schwarzenegger.
The union representing Robert Bauman appealed the suspension and
submitted records showing that more than 45 department employees had been
disciplined in the last three years for illegal computer use. Most received
suspensions of two or three days or verbal reprimands. As an example, Lane
said Thursday, an officer might use the computer to check the background of an
individual about to marry one of the officer's relatives.
Bauman's 10-day suspension without pay was upheld last week by the
Civil Service Commission. Bauman, a 23-year civilian employee, said he already
has served the suspension and was back at work. Bauman, a permit processor,
routinely uses police computers to check the criminal records, police files,
and tax records of people applying for police permits for massage parlors, gun
stores and pawn shops. He said he gathered information on Metzger because he
is a part-time historian who does research on right- and left-wing political
groups. Bauman said he tapped into Schwarzenegger's files because a co-worker
was curious about the actor.
Mark Bergman 718-855-9148 bergman@panix.com {cmcl2,uunet}!panix!bergman
Other than the obvious RISK, I'd like to point out that much or all of the data in question here is likely kept by government mandate. On a personal note, I recently recommended to a fellow employee that she report a third employee to her supervisor for a similar thing. #3 had offered to access credit data on someone that #2 was having personal and legal trouble with. What appalled me what that neither one thought there was anything wrong with "using the system" in this way — until I explained it in terms of *their* credit being revealed. <sigh>
Several Dutch newspapers recently carried the following story: The Dutch bank Rabobank has discovered a fraudulent use of their cash dispensers (The term ATM is not commonly used around here. A cash dispenser does just that - dispense cash from your bank account). After you have supplied your card, PIN, etc, banknotes for the desired amount will appear between the "jaws" of the machine. The notes are held rather firmly, and the jaws have a detection device to sense when the money has been removed. If you do not take your money within a given time, the machine will swallow it back, and undo the transaction on your account. The trick is that it appears to be possible to remove part of the stack of notes without the machine noticing. AND THE MACHINE DOES NOT COUNT THE MONEY IT TAKES BACK. Erling Kristiansen - ESTEC
Here is a positive story on the RISKS theme. I have summarized from the page 1A article of the 31-Oct-92 (Mpls, MN) Star Tribune entitled: After computer note from France, a life is saved Chris Ginther, a student and computer sales clerk, logged into his home computer Wednesday evening to read his email. One message was from "Emily", a pen-pal of his for several years in Bordeaux, France. The message said she felt cold, alone and empty, that her life was futile. The message said goodbye, and that she was going to kill herself in a few hours. Across a network he contacted her — she answered. He got her phone number and called her. Her weak, quiet voice said she wanted to die; that she had taken half a bottle of sleeping pills; that she was alone. Ginther and an AT&T operator were eventually able to explain the situation to French authorities. An ambulance soon arrived at her house, they smashed the door down, and found her barely breathing. "If we came one minute later," a paramedic said, "she would have been dead." Ginther has since received messages from Emily as well as her family for his heroic role. Emily regrets her foolish act, and is feeling better about her life now. Fortunately, Ginther doesn't wait until morning to read his email.
Padgett Peterson was telling me about his recent success in getting a BBS set up with one of the new modems with a "caller-id" feature. I think this is going to be a feature that a lot of sysops are going to want. It happened that just last week I had a request to look into a security problem for a local sysop. He is concerned with security and misuse of his board, and so he has installed a call-back-verify system to check out callers. If he can't call back and get a confirmed phone number, they don't get an account. Many sysops use this to avoid having to "voice verify" each and every caller. Most call back verify systems have an option that will prevent the system from returning long distance calls. Obviously, this will also apply to "900" pay-per-call numbers. Padgett reminds me that recently there was a scam in New York wherein pager wearers were "paged" by "576" pay-per-minute calls. The problem in Vancouver is that BC Tel has recently started up pay-per-call numbers, but they do not yet have identifiable prefixes. Therefore, ankies have been calling various BBSes that have call-back-verify, and leaving these pay-per-call numbers. The sysop who talked to me had lost about $50 in the last month, and this has only just started. Vancouver Inst. for Research into User Security, Canada V7K 2G6 604-526-3676 Robert_Slade@sfu.ca ROBERTS@decus.ca rslade@cue.bc.ca p1@CyberStore.ca
Despite all the other news, this story is still getting extensive coverage here
in the UK. The Independent's follow-up today (30 Oct.) to yesterday's front
page story appears as the main story on page 2. It identifies - for the first
time as far as I am concerned - the software company involved (Systems
Operations - a company I have not heard of before) and adds quite a bit of
detail and commentary to the original story, so again I thought it appropriate
to submit the complete item (without permission) to RISKS.
Brian Randell
Dept. of Computing Science, The University, Newcastle upon Tyne, NE1 7RU, UK
Brian.Randell@newcastle.ac.uk +44 91 222 7923 FAX = +44 91 222 8232
SOFTWARE FAILURE "MAY BE BEHIND AMBULANCE CRISIS"
By Susan Watts and Ian McKinnon
Computer specialists yesterday said that the system blamed for this week's
crisis at the London Ambulance Service appeared to ignore basic tenets for
software where breakdown would put lives at risk. The failure of the computer
system over 36 hours on Monday and Tuesday, which was said to have cost between
10 and 20 lives, raised serious questions about the way it was designed and
tested, experts said. Yesterday, the software company involved, Systems
Options, refused to comment.
Leaders of London's ambulance staff last night revealed they had given the
services's new chief executive three days to review the efficiency of the
computer system. Organisers of the public employees' union, Nupe, said they
would have preferred the Computer Aided Dispatch system to have been shut down
because it was a danger to the lives of patients.
But Chris Humphreys, the union's London regional organiser, said they had
chosen to allow a short period of grace to Mark Gorham, the acting chief
executive who replaced John Wilby after his resignation in the wake of an
outcry over delays of up to 11 hours in the arrival of emergency vehicles.
However, Mr. Hunphreys refused to disclose what action the union planned to
take if the management refused to meet its demands or arrive at a satisfactory
compromise. He emphasised that by reverting to the system in use prior to full
computerisation on Monday and Tuesday, patients' lives were still at risk.
Ambulance staff argue that the system of partial computerisation, used in
conjunction with radio and telephone to send ambulances to emergency calls, had
already led to 45 deaths in the capital because of delays.
However, Mr. Gorham yesterday held out an olive branch when he met union
leaders by promising to conduct a full investigation into the 20 deaths
ambulance staff said were the result of delays and breakdown earlier in the
week.
Robin Bloomfield, a consultant who advised the Government on a programme to
promote the safety of computer-controlled systems, said it was a fundamental
requirement for this kind of system to have several layers of defence against
fialure. He said the ambulance service was asking a lot of its computer
system. "With about a million calls a year the system has to be more reliable
than a nuclear reactor protection system. I would expect to see a detailed
safety case for justifying its operation, and several different back-up
systems". He said that as the system originally went into operation, the only
back-up it appeared to have was the expectation that people would make their
own arrangements if the system failed.
"Safety critical" software should always be passed to an independent assessor
to make sure it does what it is supposed to, and passes safety checks. This is
standard practice as part of the "safety culture" of companies in the nuclear
and transport industries which often use software on which people's lives
depend. Such software should have at least one back-up system which could be
manual, electronic or even an administrative procedure, ready to switch into
operation should something go wrong. Mr. Bloomfield said. "You would very
rarely rely on a single system."
Extra calls on Monday exacerbated the situation, but the computer system
should have been designed to cope with this. Tom Anderson, a director of
the Centre for Software Reliability in Newcastle upon Tyne, said: "If you
are getting overload the system should go into a fall-back mode". [...]
More than a quarter of accident and emergency ambulances from the London
Ambulance Service are failing to meet performance standards in the Patient's
Charter, Tom Sackville, Under-Secretary of State at the Department of Health,
said in a written Commons answer yesterday.
The Charter sets a 14-minute response time as the standard for London. Latest
statistics, for 1990-91, show 26.3 per cent falling below it, even though in 11
per cent of cases ambulances were able to respond in just seven minutes.
Today's `Independent on Sunday' (1st November, 1992) has further details
relating to the failure of the automatic despatch system introduced by the
London Ambulance Service last Monday. While it is difficult to get hard detail
from a newspaper article, some of the points made include:
- the despatch system could not distinguish between duplicate
calls relating to the same incident. In some cases several
ambulances turned up to respond to the same incident.
- logged calls were lost. One particular case is related in
detail, in which a disabled woman was trapped in her chair
by the body of her collapsed husband. She called the LAS
every 30 minutes, on each subsequent call being told that
there was no trace of the earlier call. An ambulance
eventually arrived 2.75 hours after the initial call, by
which time the husband had died.
The article also relates details of the pathetic attempt by the LAS and
government to `manage' the publicity over the failure. When the LAS management
eventually pulled the system out, on Tuesday, they initially tried to ``deflect
blame onto the staff''. On wednesday, a government minister announced that the
`computer had broken down'.
John Jones, Department of Computer Science, University of Hull, UK.
As you know, there has been a huge response to the "key registration" idea. I
posted a synopsis of the Dorothy Denning proposal in sci.crypt as "A Trial
Balloon to Ban Encryption?" So far, over 200 responses to this "risk." The
following piece was posted a few days ago (Friday) to sci.crypt.
--Tim May, 408-688-5409, tcmay@netcom.com
Date: Thu, 29 Oct 1992 23:29:53 GMT
Newsgroups: sci.crypt
From: tcmay@netcom.com (Timothy C. May)
Subject: Alarmism and Prof. Denning
Organization: Netcom - Online Communication Services (408 241-9760 guest)
Several people have complained, either in this group or in e-mail to me, that
some of my recent comments have been alarmist and detract from what they
consider to be my otherwise well-taken points. Fair enough.
In one posting I said "Be afraid. Be _very_ afraid." I assumed most folks would
recognize this as the tag line from the movie "The Fly." I thought it
euphonius, so I borrowed it. In any case, having some fear of what governments
may do to us seems to me to be a healthy thing.
I took great care to be as reasonable and as calm as possible a few days ago
when I posted the first message in this thread ("A Trial Balloon to Ban
Encryption?"). Clearly the key registration idea is controversial.
Now let me be even _more_ reasonable. I think Professor Denning has done us a
great service, as it has gotten some healthy debate going about these very
important issues. The more than 130 messages, most of them making excellent
points, in this group (and a few others, peripherally) indicate the intense
interest and scrutiny this subject has attracted.
Dorothy Denning has long been involved in crypto (she wrote the book, so to
speak) and more recently in hacker matters, as detailed in Bruce Sterling's new
book "The Hacker Crackdown." To assume she is somehow pushing this idea, in the
legislative sense, seems unfounded. It seems to me that she thought about some
of the serious implications of widespread crypto use, developed some ideas (as
Ron Rivest did last summer in an article in "IEEE Spectrum"), and talked about
them at the recent Computer Security Conference. Now we may think her
particular idea is wrong, for political and technological reasons, but we
should not villify her for floating the idea.
I used the term "trial balloon" in perhaps a way I should not have. It may have
suggested to some that Prof. Denning, who recently relocated to the Washington,
D.C. area, is part of a cabal of crypto advisors who are plotting the next
stage of our enslavement. (A smiley) So far as I know--and I hope we'll find
out soon enough--there is no proposed legislation along the lines Prof. Denning
suggested. I doubt she was acting as an agent for the Feds in floating this
idea. Just academic freedom at work.
Furthermore, I favor the open discussion of ideas. I am not one to fear
discussing some new idea, or technology, or whatever, for fear it will "give
Them ideas" or catalyze a crackdown. In an open society like ours, debate is
healthy.
I am happy this issue, which is one of several important crypto policy issues
that have been simmering for a long time, has come to prominence. I look
forward to seeing the debate here.
(The only thing that worries me is that folks may get so clever,
cryptographically speaking, that they patch the flaws in the key registration
proposal and thus make it more likely to become law. Let's not lose cite of
the fundamental issues surrounding liberty, surveillance, and privacy. But
since nearly everyone who has posted so far seems strongly committed to civil
liberties, these worries are minimal.)
On with the debate.
Timothy C. May tcmay@netcom.com 408-688-5409 W.A.S.T.E.: Aptos, CA
[Forwarded to RISKS by T. Kim Nguyen, Systems Design Engineer,
Document Imaging Systems, JTS Computer Systems Ltd., Toronto
kim@watnow.uwaterloo.ca k.nguyen@ieee.org, kim@jts.com uunet.ca!jts.com!kim]
Newsgroups: comp.privacy,alt.privacy
Date: Wed, 28 Oct 1992 17:05:34 GMT
From: nagle@netcom.com (John Nagle)
Keywords: Blockbuster video data privacy dossier database
Organization: Netcom - Online Communication Services (408 241-9760 guest)
Blockbuster Entertainment Corp. announced plans to used its database of 30
million Blockbuster video club members as part of its marketing push into the
music business. Blockbuster is acquiring the 7th largest and 12th largest
record chains from Shamrock Holdings, Inc, which will make Blockbuster the 7th
largest record retailer by the end of November.
Blockbuster sees many opportunities to cross-market home videos and music. Mr.
Steven R. Berrard, vice-chairman of Blockbuster, said that Blockbuster could
offer free video rentals to customers who buy music from Blockbuster record
stores. This works both ways; he was quoted as saying "If you rent a Disney
animated film for your children, I know there might be music that appeals to
them. This is a significant plus." He, and Mr. Joseph R. Baczso, speaking to
reporters and financial analysts in New York, said one of the company's
strengths in music retailing will be its base of 30 million Blockbuster video
club members and the data it has on those customers.
Whether or not such use of personal data would be a violation of the Video
Rental Privacy Act remains to be seen.
John Nagle
(ref: Wall Street Journal, 10/28, p. B6).
Please report problems with the web pages to the maintainer