The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 7 Issue 59

Thursday 29 September 1988

Contents

o Arthur Miller, Assault on Privacy: Computers, Data Banks and Dossiers
Barry C. Nelson
o EPROM is not necessarily programmed for life
Mike Linnig
o The Wobbly Goblin (a.k.a. Stealth fighter)
Alan Kaminsky
o Re: Stanford Collider Shut Down
Matthew P Wiener
o Re: Is Uncle Sam selling your name to mailing lists?
Greg Pflaum via Mark Brader
o CPSR 1988 Annual Meeting
Gary Chapman
o Info on RISKS (comp.risks)

Arthur Miller, Assault on Privacy: Computers, Data Banks and Dossiers

"Barry C. Nelson" <bnelson@ccb.bbn.com>
Wed, 28 Sep 88 11:03:40 EDT
The American Society for Industrial Security is holding its annual seminar and
exhibition in Boston at the moment.  There were nearly 3000 registered
attendees, not including over 350 companies with product or service exhibits.

The luncheon speech on 27 Sept was by Arthur Miller, Professor of Law at
Harvard University, renowned author on court procedures and legal expert
appearing on TV programs such as "Good Morning America." He is author of "The
Assault on Privacy: Computers, Data Banks and Dossiers" which is considered
"must" reading on the issue.

Let me pass on a few of his remarks which were addressed to the thousands of
security professionals from all over the country. It was shrill, but compelling.
(Consider that MOST of the listeners know nothing about computers.)

Barry C. Nelson
+++++++++++++++  The following is provided without permission and may be
available on tape from National Audio-Visual Transcripts, Ltd. +++++++++++

"...
I warn you, I'm a card-carrying privacy nut.
...
You can't get very far in this world without your dossier being there first.

Flight Reservation systems decide whether or not you exist. If your information
isn't in their database, then you simply don't get to go anywhere
...
What people have been reduced to are mere 3-D representations of their own data.

The Avis WIZARD decides if you get to drive a car. Your head won't touch the
pillow of a Sheraton unless their computer says it's okay.  
...
This information forms a permanent "dossier".  It's THEIR information now.

They know your name, address, telephone number, credit card numbers, who ELSE
is driving the car "for insurance", ...  your driver's license number. In the
state of Massachusetts, this is the same number as that used for Social
Security, unless you object to such use. In THAT case, you are ASSIGNED a
number and you reside forever more on the list of "weird people who don't give
out their Social Security Number in Massachusetts."
...
YOU can't get a copy of these records. There is no law which forces private
agencies to tell YOU what they know in most cases.
...
Data is a lot like humans. It is born. Matures. Gets married to other data,
divorced. Gets old. One thing that it doesn't do is die. It has to be killed.
...
At the same time, data is dehumanizing.  Take the case of a person, flesh and
blood, who wants to go to law school. A six-page form is filled out and gets
"processed" by the computer along with transcripts and LSAT scores. ...

Eventually an "index number" is spit out. This number is then put on the Great
Chart on the Wall with a lot of others. 

This person, whose only crime in life was wanting to go to law school, has been
reduced to a DOT on the wall awaiting evaluation.
...
What should we be doing about all of this?  Adjusting the regulations a little.
...
Only the information which is necessary for the job at hand should be collected.

People should have access to the data which you have about them.  There should
 be a process for them to challenge any inaccuracies.

There should be more control on the eventual uses of data which was supplied
 for some business at hand, but has been sent elsewhere "upon request"

Old data should be killed when its useful life is served.

Data must be protected from those who would abuse it.  ..."


EPROM is not necessarily programmed for life

<linnig@skvax1.csc.ti.com>
Wed, 28 Sep 88 09:23:18 CDT
Unless things have changed in the past few years... 

UV erasable EPROM's only stay programmed for a few years (~7).  These
chips bury a charge inside of an insulating layer.  UV exposure causes
the charge to be erased, so does the passage of time.

I wonder how many computerized boxes out there are carry their programs
in EPROM?   Sounds like a ticking time bomb to me.

    Mike Linnig,    Texas Instruments


The Wobbly Goblin (a.k.a. Stealth fighter)

<ark%hoder@CS.RIT.EDU>
Wed, 28 Sep 88 07:20:32 EDT
"How Wobbly the Goblin"  (Time magazine, October 3, 1988, p. 29)

"The U.S. Air Force is so secretive about its radar-invisible Stealth
fighter that it refused to acknowledge the plane existed even when one
crashed in California two years ago.  Yet when a covey of U.S.A.F. pilots
converged in Washington last week for an Air Force Association symposium,
shop talk indicated that the Stealth has a nickname.  Pilots who fly the
plane out of the Tonopah, Nev., Air Force base find it so tricky they
call it the "Wobbly Goblin."  Onboard computers are supposed to control
the Stealth's performance, even at the highest speeds, but experts say
the plane sometimes "gets away" from the pilot, who then has to take over
manually--and earn his wings all over again."

Does anyone know any details?

Alan Kaminsky, School of Computer Science, P.O. Box 9887, Rochester, NY 14623
Rochester Institute of Technology                                716-475-5255


Re: Stanford Collider Shut Down <RISKS DIGEST 7.51>

Matthew P Wiener <weemba@garnet.Berkeley.EDU>
Sat, 24 Sep 88 23:57:36 pdt
>Stanford University's $115 million linear collider has been shut down
>after several months' efforts failed to get it running properly.

Is this *permanent*?  I read only a month ago in SCIENCE (or NATURE?)
that they were still expecting to get results next year.

SLAC itself is not in trouble so much as the redesign for making it a
Z factory.  Of course, there could be repercussions.

>Although there seems to be nothing basically wrong with the system, it
>is "simply so complicated that, despite the best efforts of more than
>100 people, they have not been able to keep all its complex parts
>working together long enough to get results."

Also, because they were in a hurry to beat CERN with the first Z factory,
they used the cheapest parts they could find.  They are paying for this now.

One good consequence is that SLAC has proven that the basic design for
using linacs to mass produce Zs is sound.  Nothing like it had been
tried before.  I vaguely recall reading somewhere that inspired by
SLAC's "success", in West Germany there are plans to build a similar
linac-based Z factory.

>                            Since spring they have
>"fought a succession of glitches and breakdowns in the machine's myriad
>magnets, computer controls, and focusing devices."

The outside weather did not help either.

ucbvax!garnet!weemba    Matthew P Wiener/Brahms Gang/Berkeley CA 94720


Re: Is Uncle Sam selling your name to mailing lists?

Mark Brader <msb@sq.sq.com>
Thu, 22 Sep 88 10:37:55 EDT
Path: sq!geac!yunexus!utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.[]
   cis.ohio-state.edu!mailrus!ames!necntc!dandelion!ulowell!interlan!pflaum
From: pflaum@interlan.UUCP (Greg Pflaum)
Newsgroups: misc.consumers
Date: 19 Sep 88 23:05:24 GMT
Organization: MICOM-Interlan, Boxborough, MA (1-800-LAN-TALK)

In article <2123@edsews.EDS.COM> peter@edsews.EDS.COM (Peter Zadrozny) writes:
>For the last two weeks I've been swamped with pre-approved
>credit cards and loans, at least three offers every day from
>different banks. The strange part is the they are all addressed
>to my legal name which is only known by Uncle Sam and his red tape
>offices. Is anyone of them selling names and addresses
>to mailing lists houses??? What's going on, are they going
>to pay the public debt this way?

It is possible that, at some point in the distribution, someone illegally
obtained a tape of names, addresses and other information from some
government database.

I've seen a similar situation when I was in school at the University of
Massachusetts.  I received a mailing from a life insurance company which
was addressed to "The parents of Greg Pflaum".  Because UMass did not
have my parents' address, I often got mail from the school with that
address.  Checking around, I found that those friends who also received
UMass's "To the parents of" mail had also received the insurance
solicitation.  I didn't check with any parents, but clearly at least
some group of parents also got it.

At the office that produces the university magazine (Contact) that is
sent to all parents I learned that mailing labels were ordered from a
central office which did the database selection and printing.  That
was as far as I got.  They said the school did not sell mailing lists,
and refused to believe there was any connection between the insurance
mailing and the UMass database.  "Maybe someone went through the
phone book," they suggested.  Sheesh.

A student who did programming for the school suggested the most likely answer:
a programmer or operator made a few bucks on the side.
                                                               Greg


CPSR 1988 Annual Meeting

Gary Chapman <chapman@csli.Stanford.EDU>
Sat, 24 Sep 88 14:07:06 PDT
            Computer Professionals for Social Responsibility
                            Annual Meeting
               November 19 and 20 at Stanford University


A collection of nationally known authors, scientists, and innovators in the
computer science field will address the issues of computers and their impact on
the arms race, the workplace, education, and society at the l988 Annual Meeting
of Computer Professionals for Social Responsibility (CPSR), to be held November
19 and 20, l988, in Cubberley Auditorium at Stanford University.

Two sessions that already are generating a great deal of interest will draw
together experts from a wide variety of fields to comment on developments in
technology that could affect the general population.

The first, Privacy, Computers, and the Law, deals with the FBI's plans to
upgrade its already massive criminal justice database so that it can better
identify individuals. The current system now contains over l9 million records
and is accessed up to half a million times per day.  Would an improved version
threaten the privacy and liberties of citizens?  Discussing the issues from a
variety of perspectives will be: William A. Bayse, FBI assistant director for
technical services;  Congressman Don Edwards (D-San Jose), chairman of the
House Subcommittee on Civil and Constitutional Rights;  Jerry Berman, chief
legislative counsel of the American Civil Liberties Union and director of the
ACLU Privacy and Technology Project; and Peter Neumann, SRI International and
CPSR/Palo Alto. 

The second panel will debate the impact of the personal computer of the future
as presented in Apple Computer's video story, "Knowledge Navigator." The
speculative Knowledge Navigator is a flat, notebook-sized computer that can
speak with the user, explore databases on its own,  do simulations, and display
a picturephone and graphics, all by voice command.  Addressing the social
assumptions and implications of this possible technology will be:  Larry
Tesler, vice president of Advanced Technology, Apple Computer; Esther Dyson,
editor and publisher of Release 1.0 newsletter; Fernando Flores, chairman of
Action Technologies and co-author of Understanding Computers and Cognition;
Peter Lyman, director of educational computing, University of Southern
California; Theodore Roszak, professor of sociology, California State
University at Hayward and author of The Cult of Information.

Speaking on the topic Technical Challenges in Arms Control in the Next 15 Years
is Sidney Drell.  Dr. Drell serves as co-director of the Stanford Center for
International Security and Arms Control and deputy director of the Stanford
Linear Accelerator Center.  He also is past president of the American Physical
Society and author of Facing the Threat of Nuclear Weapons.  

Technology, Work, and Authority in the Information Age:  The Role of the
Computer Professional  will address the opportunities and problems of computers
in the workplace.  By the end of the century, approximately two-thirds of all
workers will use a computer terminal .  Will that computer enhance their skills
or assist management in controlling workers?  Speaker Robert Howard, author of
the book Brave New Workplace  and senior editor of Technology Review  will
focus on what role computer designers can do to create socially responsible
products.  

Women learn how to use computers differently than men, says speaker Deborah
Brecher, founder and executive director of the Women's Computer Literacy
Program in San Francisco.  Women and Computers: Does Gender Matter?  will cover
what programmers, educators and employers need to know about computer learning
and the sexes.

Computer pioneer Jim Warren will  deliver the keynote speech  at CPSR's Annual
Banquet to be held at Ming's Villa in Palo Alto.  Mr. Warren founded The
Intelligent Machines Journal  which .later  became InfoWorld.   He also started
the West Coast Computer Faire, the pre-eminent show for personal computer users
and hobbyists, was the founding director of the first personal computer
software magazine, Dr. Dobb's Journal of Computer Calisthenics and Orthodontia.
He later served as the original host of the PBS series, "Computer Chronicles,"
and was awarded the first Sybex Computer Pioneer Award which recognizes
innovators in the microcomputer field. In the academic arena, Mr. Warren has
taught computer science at  San Francisco State, San Jose State and Stanford
University.  Mr. Warren's speech, Computers, Information, and Politics, will
focus on how citizens can gain access to computerized information on
individuals, corporations, and the government, and how they can use that
information to bring about effective political action, locally or globally. 

During the banquet, the CPSR Board of Directors will present the Norbert Wiener
Award for Professional and Social Responsibility to Joseph Weizenbaum,
professor of computer science (emeritus) at the Massachusetts Institute of
Technology.

Sessions on Sunday, November 20, will be devoted to the organization and future
direction of the association.  Speakers include:  Terry Winograd, associate
professor of computer science at Stanford University and co-author of
Understanding Computers and Cognition,;  grassroots organizer and trainer John
Spearman, senior contract administrator for The Doctor's Council in New York
City;  Steve Zilles, chairman of the board of directors, CPSR;  and Gary
Chapman, executive director of CPSR and co-editor of Computers in Battle. 

Registration fees for the meeting are as follows:  $10/members; $20/nonmembers
before November 9;  $20/members, $30/nonmembers after November 9.  The banquet
is $30/members, $35/nonmembers.  Reservations are on a first-come, first-served
basis. Please call (415) 322-3778 for registration material.

Please report problems with the web pages to the maintainer

Top