Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The Bank of Stockton (California) accidentally turned Mohammed Idrees Kussair's deposit of $100,000 into $1M. He assumed that a relative in Pakistan must have wired the money to him, and spent it to pay off rental properties and to take a trip to Pakistan. A San Joaquin County Superior judge ruled that he had not broken any laws, and cleared him of criminal charges. A spokesman for the bank said that the bank intends to sue him. [Source: An AP item in the San Francisco Chronicle, 11 Feb 1994]
Misuse of the Olympic E-mail system continued, subsequent to the earlier case reported in RISKS-15.59. Someone masqueraded as Wayne Abbott, a Canadian TV employee, and sent a nasty E-mail message to Cathy Turner relating to her skating style. [Cathy was disqualified for contact with another skater, after apparently winning the gold in the 1,000-meter speedskate.] [San Francisco Chronicle, 27 Feb 1994, p. C-5]
Quoting from the Feb. 24 News-Gazette of Champaign-Urbana, Illinois:
"UI student arrested for e-mail threat to Clinton"
URBANA — A University of Illinois student has been arrested for
threatening the life of President Clinton, U.S. Attorney Frances Hulin
announced today.
Christopher James Reincke, 18, of Townsend Hall, Urbana, allegedly
sent an electronic mail message to the White House on Dec. 4 threatening
Clinton, Hulin stated in a press release.
The message read: "I am curious, Bill, how would you feel about being
the first president to be killed on the same day as his wife ... It would
be best, I think, to not continue with your immediate plans. Perhaps a
vacation. You will die soon. You can run, but you cannot hide."
The message was signed "Overlord" and purported to be from
"Allmighty@Never.Gonna.Catch.Me."
Reincke appeared before U.S. District Judge Harold A. Baker in
Danville today and was released on his own recognizance.
Hulin said the charge resulted from an investigation by the Secret
Service and the UI police.
Investigators determined the message originated at the UI, and a
computer trace identified Reincke as the apparent author, Hulin said.
While being questioned by agents, Reincke admitted he had sent the
message, according to the press release.
(Local news reports suggest that the student intended this to be a
practical joke. As I see it, the risk is in assuming that it doesn't
really matter what you say by email.)
Rob Hasker hasker@cs.uiuc.edu
Denver Post, p. 1C, Feb. 25, 1994 A former employee of a Boulder [Colorado] computer software company was arrested yesterday for fraudulently transferring 122 computer files worth $915,000 just before leaving his ex-employer, the FBI said in Denver federal court documents. Liaosheng Wang, also known as Andrew Wang, of Westminster, was arrested by FBI agents for allegedly stealing the computer files, including important "source code files," from Ellery Systems Inc., where he worked as a design engineer from December 1990 until his resignation this month. In a complaint filed in U.S. District Court in Denver, FBI special agent John Gedney said Wang may have stolen the files after twice being denied promotions at the Boulder company late last month. ... Wang apparently transferred the files from his account at Ellery Systems to Internet, a global computer network, the complaint said. From Internet, Wang was able to communicate from his computer at Ellery Systems with a computer at Unidata Inc., a Denver company. [sic] The FBI is continuing its investigation to determine if Wang was trying to sabotage his former employer or transferred the information for a fee. "Everything that was transferred was confidential property," said Jeff Jordan, an Ellery vice president. "It was the source code for our product and we intend to get it back." [...] Geoffrey Shaw, Ellery Systems' chief executive officer, told the FBI that Wang had no authority to transfer the files to Unidata, particularly since they contained a proprietary program that had been copyrighted. If convicted of wire fraud, Wang could be sentenced to up to five years in prison and fined up to $250,000.
After reading a recent RSISKS article about validating the Sizewell B PPS software, I was struck by an idea: how about a bounty for inspecting safety-critical software? Here's the plan: the government organization which is purchasing the safety-critical software publishes the specification, the entire source code as delivered by private contractors, and technical documentation on the hardware environment. It then offers a bounty to any party anywhere who demonstrates a logical error in the software. The bounty would be funded by reductions in money paid to the original contractors. Finding a bug is much harder than demonstrating that one has found a bug. Bounty hunters would have an incentive to deploy whatever technology they found useful in finding errors. Michael Chastain mec@shell.portal.com
Of late there have been quite a few articles in the RISK forum regarding
Smart/Reloadable Cards and issues surrounding their incipient risks. The
impression (whether right or wrong) is that most readers (or respondents) are
not aware of the level of acceptance that this technology have outside of
North America. While the potential risks of the cards are legion, I will not
attempt to address them at this point, but merely attempt to touch the tip of
iceberg and illustrate the impact having outside of North America.
The kind of chargeable card described in John Gray's item in RISK issue #49
has been available in Japan and some other parts of Asia for at least a year.
The cash the card is charged with can be spent at any retail outlet equipped
with a simple PoS-type terminal; and the card can be "re-loaded" with cash at
ATMs, by a simple transfer from a current or savings account held by the same
holder.
Both mag-stripe and embedded-chip versions of the card are in commercial use.
The embedded-chip versions are usually multi-function cards (i.e., they can be
used for other purposes as well as that of an electronic wallet).
Countries in which reloadable card programs (or pilot programs) exist include:
Singapore, Japan, France and South Africa. The cards used are mostly
embedded-chip cards, not mag-stripe based. These cash cards are loaded
electronically in machines similar to ATMs, by transfer from chequing or
savings accounts.
Cards can be used at any retailer with a reading device. The reading device
deducts purchase price, issues a receipt, and shows the balance remaining on
the card. Some of them (not all) are PIN-activated (RISK readers take note).
When the balance on the card is exhausted the card is taken back to the
issuing bank or a retail machine for replenishment.
In Japan, the use of the cards apparently has been growing quickly, there is
some political pressure to regulate the business, because it is seen as
cutting into the Bank of Japan's sole right to issue bank-notes. There is talk
of regulations to force issuers to deposit a specified percentage of the money
circulating on such cards with the central bank, or to charge a consumption
tax on such transactions, the money to go into a central fund which would
reimburse card-holders in case the issuing institution went belly-up.
The Japanese are fairly far along in terms of acceptance of the cards, some of
the applications are as follows:
- NTT (the Japanese equivalent of AT&T) is a large proponent of the use of
the cards for making pay phone calls. They have found their usage quite
profitable as they have found that callers using such cards talk 20-40% longer
on the phone, maybe because they don't have to fumble for coins or replacement
cards.
- Other Japanese retailers who accept such cards include the railways, buses
and taxis, car washes, highway toll booths, fast-food outlets and even
video-game arcades.
- One of the last bastions in Japan to hold out against such cards gave in
not long ago. You can now use them at Buddhist temples, to make donations.
An argument between religious and tax establishments now threatens. Temples
have been tax-exempt so far, but the tax authorities do not want to exempt
them from the consumption tax on the use of cards.
Another country which has launched a smart card scheme is Guatemala, no less.
The scheme in Guatemala is called Credisa, the card is called Elite, and the
launching bank is a new retail bank called MultiBanco. The hardware and
software are being provided by GemPlus, the same (French) vendor who provided
the hardware for the French reloadable card pilot.
In Guatemala, I believe the major incentive for smart cards is the poor
telecomms infrastructure, which places limits on on-line authorization
capability.
Gordon Webster - Price Waterhouse Assoc. Jamaica - gordon@pwajam.uunet
Sree Kumar - Price Waterhouse Assoc. Jamaica - sree@pwajam.uunet
This article elaborates on part of the EFF statement issued last
week concerning the FBI's proposed Digital Telephony wiretap bill. The EFF
condemned the bill, which enlarges law enforcement powers of surveillance,
granted by wiretap laws, by adding tracking ability. Addressed herein is point
two of the EFF statement, concerning the surveillance of mobile communica-
tors, such as cellular phones, Personal Communications Services (PCS) and
laptop computers. PCS mobile phones create severe privacy risks for future
phone users, especially under the FBI's proposal; and these risks strongly
support the EFF's position.
The FBI asserts that their proposal adapts existing wiretap laws to
account for emerging communications technologies. Wiretap laws have not
adequately covered mobile communications, and the FBI is correct to assume
that some revisions will be necessary to adequately balance law enforcement
needs with the privacy rights of mobile phone users. Their proposed
revisions, however, do not simply provide for wiretap; instead, the FBI seeks
to expand wiretap laws, allowing law enforcement officers to track the
signalling information of mobile communications users.
The EFF believes that the FBI proposal would create an enormous hole
in the privacy rights of individuals suspected of crimes. Their statement
notes:
It is conceivable that law enforcement could
use the signalling information to identify the
location of a target.....This provision takes a
major step beyond current law in that it allows
for a tap and/or trace on a *person*, as opposed
to mere surveillance of a phone line.
This fear is completely realistic. It is not simply "conceivable"
that the FBI's proposal would allow law enforcement to surveil the location of
a target — positioning technology is a planned part of PCS networks, one of
the technological advances anticipated by the proposal. Similar positioning
technology is planned for cellular phones, as well.
PCS advances cellular phone technology by integrating mobile
communications with other phone networks, and by expanding the services and
quality mobile phones can offer. Most PCS proposals involve three forms of
mobility: terminal mobility, the ability to make and receive calls at any
location, and the ability of the phone network to track the location of the
mobile phone; personal mobility, the ability of the user to be reachable by a
single phone number at all times; and service mobility, the ability of the
user to access CLASS(sm)-like features, such as Call Waiting and Caller ID,
from any phone they use.
The FBI proposal requires phone companies, when presented with a
wiretap order, to transmit the content and the signalling, or "call setup
information," from the tapped phone to law enforcement officers. With a
wireline phone, such as a residence phone line, call setup information would
comprise only the originating and dialled phone numbers, as well as billing
information (such as the residence address) for the call. Because of the
wireless aspect of PCS, however, call setup information for a PCS phone
includes very detailed information on the location and movement of the caller.
PCS mobile phones will connect with the phone network via
"microcells," or very small receivers similar to those used for cellular
phones. While a cellular network uses cells with up to an 8 to 10 mile
radius, PCS networks will use microcells located on every street corner and in
every building. The call setup information for a PCS call would include the
microcell identifier — a very specific means of locating the user. An order
for a PCS wiretap would allow law enforcement officers to receive a detailed,
verifiable, continuous record of the location and movement of a mobile phone
user.
These phones are also likely to "feature" automatic registration:
whenever the PCS mobile phone is on (in use or able to receive calls), it will
automatically register itself with the nearest microcell. Law enforcement
agencies, able to track this registration, would have the equivalent of an
automatic, free, instantaneous, and undetectable global positioning locator
for anyone suspected of a crime.
PCS tries to improve on cellular phone privacy and security by
incorporating cryptographic techniques. Encryption could not only create a
secure phone conversation, but could also (coupled with use of a PIN number)
insure that only a valid subscriber could make calls on a particular phone,
preventing fraudulent calls on stolen phones. An additional phone-to-network
authentication could prevent fraudulent calling through a "masquerade" phone
designed to simulate a user's registration.
But the FBI proposal would require that such encryption be defeatable
in wiretap circumstances. As the proposal stands, this form of weak
encryption is distinguishable from the Clipper Chip because the phone
companies, not a key escrow arrangement, enable law enforcement access; but it
is entirely possible that the Clipper Chip could be used as the encrypting
device. In either circumstance, PCS encryption could be compromised by
careless or malicious law enforcement officials. Perhaps it is time for Phil
Zimmerman and ViaCrypt to begin work on PGPCS — and let us all hope we are so
lucky.
The cellular phone market is tremendous, and analysts believe that the
PCS market, incorporating both voice and data communications, will be even
larger. Coupled with the FBI's Digital Telephony proposal, PCS raises many
privacy and security risks, making the EFF's condemnation of the FBI proposal
all the more appropriate.
CLASS is a service mark of Bell Communications Research (Bellcore).
For more information:
* Bellcore Special Report SR-INS-002301, "Feature Description and
Functional Analysis of Personal Communications Services (PCS)
Capabilities," Issue 1, April 1992. Order from Bellcore, (800)
521-CORE (2673), $55.00.
* GAO report GAO/OSI-94-2, "Communications Privacy: Federal Policy
and Actions," November 1993. Anonymous FTP to cu.nih.gov, in the
directory "gao-reports".
* EFF documents, available via anonymous FTP or gopher:
ftp://ftp.eff.org/pub/EFF/Policy/Digital_Telephony
[*The New York Times* today has a front-page article by John Markoff,
entitled "Price of Technology May Be Privacy". I first saw a version of
it in today's *San Francisco Chronicle*, although as seems typical of the
Chron they truncated it after 11 of its 34 paragraphs. At least they
mentioned Markoff this time, which they frequently do not do! PGN]
It just struck my irony bone that we have the Feds on the one hand wanting to install leaks in encryption and communication switching; and we have the FCC regulating things like PCs so they don't radiate interfering signals. When will FCC be ordered to "get with the program" and _require_ that PCs and monitors radiate enough so the snoops can do their jobs?
The contention that this is a Van Eck device is ludicrous! You don't
need to use radiated signals if you place a bugging device in the computer.
You simply listen to the information and transmit it over a normal radio
channel.
> ... . The device would work like this:
This is not how Van Eck's mechanism worked. It exploited the normal
radiated signals, not those created by a bugging device.
> I spoke to the FBI and US Attorney's Office about the technology used for
> this, and none of them would confirm or deny the technology used "on an
> active case."
Now that's a journalistic confirmation if I ever heard one!
> To the best of my knowledge, this is the first time that the Government had
> admitted the use of Van Eck (Tempest Busting etc.) in public. ...
Since when is a refusal to comment an admission?
If the point of the article is to assert that there are radiated
signals from video screens that can be used at a distance to observe the
content of the screens, of course there is. If you want confirmation, why not
go and buy the 100 dollars of equipment required to do it yourself?
First of all, reception of a signal from computer screen is much easier than it seems due to the fact that images are mostly static; i.e., the same pattern of radiation will be repeated many times allowing for digital accumulation of the signal (it works the same way for astronomers who are able to resolve very dim objects by collecting "random" photons for a long time). Interferometry (i.e., simultaneous reception of the signal from several distant points and multiplying the received signals delayed to compensate for the propagation delays) can also be a very useful tool to sort out weak signal coming from a single source with known location from random electromagnetic noise. Also, cleaning up the signal using spectral analysis (FT, etc.) should work great because the spectre of the source signal is discrete (i.e., all frequencies are derived from a single stable oscillator's frequency by dividing it by small integer numbers). Add directed antennae or (even better) phased antennae arrays and you got the picture... It's nothing more than methods very well known in optical and radio astronomy so the special services don't have to bother me :-) --vadim
Winn Schwartau [RISKS-15.59] headlined his message "Van Eck in Action" suggesting that the FBI used electromagnetic eavesdropping in developing their case against Aldrich Ames. Later Schwartau quotes the FBI's own affidavit as saying that 'the FBI "placed an electronic monitor in his (Ames's) computer," suggesting that a Van Eck receiver...' It's time for someone to shout "Occam's Razor!" If the FBI placed anything "in" Ames' computer, it needn't have been anything as complicated as a receiver that sucked keyboard strokes or video pixels out of the electronic chaos that's inside a computer case. A sophomore EE student could design a high-impedance device to pluck video and keyboard signals directly off their respective connectors and relay them onward. Such a gadget would be much simpler, and therefore more reliable than a Van Eck receiver. On the other hand, the FBI could have simply copied the contents of Ames' hard disk with something like LapLink. They're (understandably) not talking.
>On October 9, 1993, the FBI "placed an electronic monitor in his (Ames') >computer," suggesting that a Van Eck receiver and transmitter was used >to gather information on a real-time basis. I don't know about you, but if I were able to stick a bug inside the computer, I'd attach it directly to the keyboard and video ports. Why fool around trying to reconstruct a signal, when a wire containing the signal itself is half an inch away? Do we have here a risk of technophilia? Even if I couldn't get inside the house, it's quite possible that a conventional camera looking through a window could see enough of the the screen and keyboard to gather useful information. John Levine, johnl@iecc.com, jlevine@delphi.com, 1037498@mcimail.com
A case recently came up in Washington State that is related to the question of the legality of using Van Eck radiation emitted from a residence as a survelience technique. In the incident in question, a person was suspected of growing marijuana in his home, using grow lights. However, there was insufficient evidence to get probable cause for a search warrant. So, without a warrant, the police stood in the street and used an IR detector on the house. They determined that the house was emitting radiation that was consistent with grow lights, and used this evidence as probable cause to get a search warrant. In the ensuing search, the house was found to contain marijuana and the homeowner was convicted. He appealed his conviction on the grounds that the use of the IR detector constituted a search of his home, for which a warrant was required; evidence from this illegal search could not be used as probable cause for a warrant. The Washington State Supreme court agreed with the defendant, ruled the search illegal and overturned his conviction. They said that non-visible radiation emanating from a home is not the same as, say, leaving a window open, and that a reasonable expectation of privacy existed for such radiation. I would imagine that this legal precident would also preclude the use of Van Eck radiation detectors in the state of Washington without a search warrant. Of course, in the Ames case such a warrant almost certainly had already been obtained based on other probable cause, and so this wouldn't be a valid defence for Ames. Bill Bolosky bolosky@microsoft.com
Please report problems with the web pages to the maintainer