Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
I received an ad from TigerDirect, Florida, offering a set of "650 High-Quality Logos" of major corporations. The ad suggests using "these logos in newspaper and yellow page ads, brochures and cross-promotions." It goes on to say "all images displayed are the registered trademarks or trademarks of their respective companies." Can be used by Macintoshes or Windows applications. What a wonderful gift for con artists! -- Dennis Lawrence
Bayreuth, Germany - Three violators of the municipal parking code became war criminals when an official entered the wrong code number. According to the "Nordbayerischen Kurier" the three Bayreuth residents received summonses for "Conspiracy to prepare agressive warfare," when they should have only received citations for parking violations. According to the paper, the official, who had just served ten hours on the night shift, filled out the forms relating to the minor offenses and incorrectly entered the code number of the violation. (Deutsche Presse Agentur)
(amusing, not very new) The Dragon De Monsyne (dragondm@netcom.com) wrote: ... :Well, I can vouch fer it REALLY happening. In today's (Sept. 5, 1994, Final :Edition) Northwest Herald (a local paper in ithe far northwest Chicago Suburbs :(McHenry County, fer those who know where that is), on pg 3, bottom, left hand :corner, I found this gem. : "Atomic bombers criticize Enola homosexual exhibit" Nicely documented, for UL hunters. Henry Troup - H.Troup@BNR.CA (Canada)
A colleague, Paul Gibson, arrived at INRIA Lorraine in France from Scotland at the beginning of July. He set up an account with a local branch of the Banque Populaire de Lorraine in Haussonville, a district of Villers in the Nancy conurbation. The address on his account is that of our host, who lives in a tiny village 75km from here. The bank put a false postal code on his address, consequently his mail from the bank arrives either very late or, in the case of important items such as his bankcard PIN code and checkbook, not at all (I wonder if the important mail has a `Do Not Forward' instruction on the envelope?). However, whenever he notifies the branch and they check, the correct postal code appears with his account information. The bank employees claim not to understand how the two addresses can be different and seem to be at a loss to rectify the situation, even though he's been physically to see them about it three times in the last two months. There's an easy fix. Close the account and open another one. But there should be an easier fix - ensure the right address. Either way, the bank lacks effective procedures for troubleshooting. He still has no checkbook and no functioning cash card. Peter Ladkin
A new teleconferencing system installed at JPL still has some bugs. Participants are told to dial into the telecon themselves. Two numbers are provided: an area 818 local number, and an 800 number for distant callers. I dialed the local number for a NASA/Galileo project telecon which turned out to be seriously depleted; half the expected participants, including the convener, were missing. Attempts to reach the convener by phone failed; the line was always busy. We went ahead and had our discussion anyway, only to learn later that a dual telecon, among the people who had dialed the 800 number, had taken place simultaneously. This reminds me of a curiously similar situation on Telemail about ten years ago. A user complained of often missing important mail. Months later, investigation showed him to have two accounts, differing only by the appended organization. His default login went to one of these, but the group mail distribution list went to the other. About a hundred messages were there waiting for him. "The Black Hole of Telemail", we always called it. Bob Mehlman, UCLA/IGPP
Here's an interesting positive-risk (rather than negative-risk)...
The McLaren Peugot Formula One racing team was investigated for breaking
the rule against computerized driver aids. During the investigation, the
governing body (FIA) contracted with LDRA Ltd to decode MacLaren's software
and determine if the rules were broken. According to the press release:
PRESS RELEASE FROM THE FEDERATION INTERNATIONALE DE L'AUTOMOBILE (FIA)
...lots of stuff...and then the interesting paragraph...
The World Council noted that during the course of the
investigation, LDRA Ltd discovered a bug (fault) in the McLaren
software which was producing a power loss in the engine (due to a
faulty signal from the gearbox control unit to the engine control
unit). McLaren will now be able to correct this problem.
Paris 7 September 1994
Bjorn N. Freeman-Benson
My understanding of neural nets is hazy, so someone please correct me if I'm way off-base. Neural nets are being used more and more in commercial applications, for example in evaluating mortgage applications. It occurs to me that since the internal state of a neural net, and its decision-making "process", is essentially opaque, a lender could depend on a neural net to implement redlining in a manner such that, if the bank were in fact to be accused of redlining, the bank could reply, "We don't redline, we rely on objective computer programs to evaluate applications." The training set for the net could itself contain redlining, and the net would learn it. Then the training set is discarded, and there is no proof of intent to evade the law. Any applications receives a final yes/no from a live human being, but how easy is it for the lending officer to let a neural net do his or her "dirty work" ? * Fred Baube(tm) GU/MSFS/88 baube@optiplan.fi
Don't you just love it when you read about something that might happen,
happens! After reading Daniel J. Weitzner's comments about the proposed new
indecency rules, I read the following article on the front page of this
weeks New Zealand COMPUTERWORLD (dated Sept 5, 1994):
INTERNET SEX GOES OFF-LINE, by Rob Hosking
The prospect of being the target of an indecency test case has caused
Internet service provider ICONZ (Internet Company of New Zealand) to pull
its pornographic news groups and bulletin boards off line.
"We've pumped hundreds of thousands of dollars into ICONZ and I'm not going
to see that go in a test case," says systems administrator Jon Clarke. The
company pre-empted the impending litigation after hearing "through the
grapevine" that an Auckland religious group was planning a lawsuit following
an item on television news about the Internet. Approximately 20 news groups
were taken off the wire, out of about 440, and only two users had complained
since their removal, says Clarke. "To put it into some sort of perspective,
it's effectively stopped us transmitting 100Kb out of 150Mb a day," he says.
The action would have been under the Films, Videos and Publications
Classifications Act, passed earlier this year. There is some doubt as to
whether the Internet is covered by the act, and the issue has yet to be
decided in court.
Clarke says the material being carried is tamer than that available over
the counter in most dairies <JM comment - read cornerstore, newsagent, etc.),
and he queries what he sees as a double standard involved. Network users in
the US have formed a group to lobby against restrictive legislation and, with
the Howick MP Trevour Rogers' Technology and Crimes private members bill
currently before Parliament, Clarke says it could be time for the information
of such a group here.
The material is still coming into New Zealand but is now "being put in the
great big bit bin", as far as ICONZ is concerned. Clarke believes the
material will be available - "there are millions of sites worldwide you can go
to for this kind of stuff, the only thing is you'll have to pay for it".
<<< JM's comments follow <>>
This article raises several interesting questions:
1. Do we really want local network providers to become our censors?
2. How does the network provider filter 150Mb of data a day, especially
when he doesn't know what the law states is and isn't allowed?
3. If a network provider, whilst censoring the days 150Mb of information,
reads that a "religious group" was planning a lawsuit against him because
they didn't agree with one of his services, what should he do?
The internet provider doesn't lose either way, since as Jon Clarke points out
himself, his users just have to go further afield, and I'm sure he'll be happy
to charge for this.
The 1994 CPSR Annual Meeting will be held on the weekend of October 8th and 9th at UC San Diego. One focus of the meeting this year is teaching people how to actually do something about computer-related Risks to privacy and the like. We'll have a workshop on privacy activism by Christine Harbs from the Privacy Rights Clearinghouse and Dave Redell from CPSR's Civil Liberties Working Group. We'll also have a workshop on legal issues for BBS operators from Mike Godwin of EFF, and a panel discussion on the issues that arise when protecting privacy and intellectual freedom in various professions. Everyone is welcome to attend. The Annual Meeting Web pages are now ready to go. Just aim your Web client at http://www.cpsr.org/dox/am/program.html and look around. Or, if you prefer, you can get the program and registration information from an autoresponder by sending a message to cpsr-annmtg@cpsr.org. Phil Agre, UCSD
Announcing the availability of the Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness held March 21-23, 1994 at George Washington Inn Williamsburg, Virginia. The proceedings are available by FTP as an ASCII document from csrc.nist.gov. The path is /pub/nistir/assure.txt Hardcopy was published by the National Institute of Standards and Technology numbered NISTIR 5472. ABSTRACT The purpose of the 1994 Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness was to identify crucial issues on assurance in IT systems and to provide input into the development of policy guidance on determining the type and level of assurance appropriate in a given environment. The readers of these proceedings include those who handle sensitive information involving national security, privacy, commercial value, integrity, and availability. Existing IT security policy guidance is based on computer and communications architectures of the early 1980s. Technological changes since that time mandate a review and revision of policy guidance on assurance and trustworthiness, especially since the changes encompass such technologies as distributed systems, local area networks, the worldwide Internet, policy-enforcing applications, and public key cryptography. 1995 WORKSHOP A call for participation for the 1995 workshop will be available in October. You may request a copy by sending e-mail to witat-info@cs.umd.edu. Marshall D. Abrams, Info Systems Security Division, The MITRE Corporation, 7525 Colshire Drive, McLean, VA 22102-3481 703.883.6938 abrams@mitre.org
Please report problems with the web pages to the maintainer