Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Of considerable interest to RISKSers is an article entitled "Absolutely NOT Confidential" by Clark Norton, in the March/April 1989 issue of Hippocrates (The Magazine of Health and Medicine). The article documents many of the problems of large networked databases, including privacy, data quality, legal and social implications, etc. It also includes a state-by-state table on your access to your own medical records, with separate entries for doctors', hospitals', and mental health records. Arkansas, New Hampshire, Rhode Island, South Carolina, Vermont, and Wyoming are the only states left with no laws guaranteeing your access for all three types of records. Thus far, Montana is the only state to adopt a model bill drafted by the National Conference of Commissioners on Uniform State Laws. ``Like most Americans, you've probably assumed your medical records were confidential — protected by ethics and the law. At one time you would have been right. "We used to have a medical system that was confidential," says retired Harvard School of Medicine neurosurgeon Vernon Mark...'' Now it is relatively wide open.
445 of Wells Fargo's 1200 ATMs in California were out of commission for many hours on 22 Februrary 1989, due to computer malfunctions. (Bank of America has twice had about 700 ATMs out of commission in recent months.) `John Love, publisher of Bank Network News, a newsletter that covers electronic banking, said that, on the average, ATMs are down 5 percent of the time because of ``machine-specific problems.'' However, such widespread failures are rare, he said, because of extensive backup computer networks.' [Quote from the San Francisco Chronicle, 23 Feb 89, pp. C1 and C18, in an article by David Tuller.]
Just picked this up from comp.dcom.telecom - John Murray , Amdahl Corp., Sunnyvale, CA. From wrf@ecse.rpi.edu Tue Feb 21 07:50:32 1989 Subject: 540 ripoff NYS just fined a ripoff outfit that advertised a "GOLD" card if you called 540-GOLD. Several hundred people who did, and stayed on the line for a minute, were billed $50 (FIFTY DOLLARS). Needless to say their gold card had no relation to Mastercard or Amex. They were also contacting people with an illegal autodial operation that would not let the victim hang up to free the line. I think now they're required to say at the start of the call that there is this charge. But what about people whose hearing is bad or English poor? People in every state should have the right to disable this use of their phone as a no limit credit card. In fact, the default status should be disabled, and phone customers should have to enable it, and perhaps specify a $limit, if they want to use it. [Moderator's Note: Illinois Bell was one of the first telephone companies to offer 900/976 blocking at no charge, no questions asked. We do not have '540' service here — yet — but I assume any variation on it here would get free blocking. Here you can block 976 or 900 or both. The operator is unable to complete the connection for you. Out-of-LATA 976 calls cannot be blocked, but then they are only billed at regular long distance rates anyway. PT]
(Quotes are from an article in the Feb 27 "Insight on the News" magazine) The latest craze is a 900 number in which callers can "confess" their actions. Another of those adult phone lines, you think, and prepare to hang up. But then there is another voice, female, young, and remorseful. "I'm having an affair with Bob. He's my boss, and I just gave up our baby," she says. "I want to tell Ginne and Les to please take care of her and I hope that she grows up to be better than I was and [pause] I'm sorry." [...] Confessors leave a 60-second message on what amounts to an elaborate answering machine, then the tape is edited for playback on the other phone line. Sometimes listeners call in to respond to someone's confession, and some of these calls are played back. Now, here's the scary part... Denton [producer of the Phone Confessions program] listens to every call, then selects a mix of confessions for playback. Most calls are about relationships, but United Communications [the producer's company] makes no secret that it gets calls from people confessing to crimes [!!]. Most people probably still believe that the phone number from which they make a phone call is available *only* to a select few. But with the 800 and 900 phone services (discussed either in RISKS or TELECOM, I lost track :-), a service-provider can obtain *instantly* the caller's phone number, and correlate it with the confessions. The risks to the public (out of ignorance) is obvious. Law enforcement agencies, or even private opportunists, could set up such services, or tap into existing services, and obtain an unending supply of useful information. Says the article: Denton believes that 98 percent of her calls are true confessions. I suppose if I really wanted to confess a crime to one of these services, I'd go to a pay phone. I doubt that the public is aware of the consequences of calling from their home, though. Randal L. Schwartz, Stonehenge Consulting Services (503)777-0095 on contract to BiiN (for now :-), Hillsboro, Oregon, USA.
>... and the Zinn residence was raided by FBI agents, AT&T/IBT security >representatives and Chicago Police detectives used for backup. ATT security people as backup? "Stop right there, this is the phone company; hands against the wall!" Is it common practice in such "raids" to use outside companies?
An article in _Digital Review_, February 20, under the title "Reach Out And Help Someone" reviews a package for VAX/VMS called Video, from Performance Software. The subtitle says, "...system managers and training coordinators can keep an eye on user activity". Among other things, this package allows anyone with appropriate privileges to see what anyone else is typing and receiving on their terminal (passwords excepted, I suspect), or to "take over" another terminal and broadcast their own commands to it. You can also record terminal sessions and play them back at leisure. "With the Video Seer utility, system managers can monitor terminal sessions to detect system abuse or simply to identify performance drains on their systems." Oh joy. [Funny aside: I just received a computer-printed letter for _Time_ Sweepstakes. The first paragraph reads: "... Isn't it time you get that dream house for you and your family in Burbank? Isn't it time you started driving home to Box 6867 in that Mercedes-Benz you've had your eye on for years?..." Don't they know it's hard enough to fit myself into Box 6867, let alone park a Mercedes there?] Peter Scott (pjs@grouch.jpl.nasa.gov)
In RISKS DIGEST 8.28, John Sinteur writes of his previous employers' problems when the power went out and their magnetic card readers failed to work. About nine days ago, a large part of Cambridge, including the entire MIT campus, lost power for several hours as a result of a gas explosion in a manhole. One result of this was that all of Project Athena (The MIT undergraduate computer system/research project) lost power, including all of the workstation clusters. The workstation clusters are all accessed by typing a combination into a keypad outside the door of the cluster. However, when the power went out, the keypads all went dead and hence all of the doors could not be opened. Nevertheless, the people who were sent around to power down all of the workstations (so that when the power came back on things could be brought back up gracefully) were able to get into most (if not all) of the clusters without any trouble. Students leaving the clusters after the power went out realized that the keypads would not open the door, and therefore the last person out of each cluster propped open the door with a garbage can. I guess it didn't occur to them that this would allow anyone to walk onto campus, walk into a computer cluster and steal every keyboard, mouse and chair in the cluster (The computers themselves are locked down in all but one cluster.). (Then again, who would want all of those DEC and IBM keyboards and mice? :-) Jonathan Kamens, MIT Project Athena, jik@Athena.MIT.EDU Office: 617-253-4261
Several of the photography trade publications carry regular columns on
"forensic photography" — the making and use of photographs for evidence in
civil and criminal cases. The authors of these columns usually stress that
photographs themselves are not sufficient for evidence, since such factors as
lighting, angle of view (particularly with the use of telephoto or wide angle
lenses), etc. can provide a quite different impression from what exists in
reality.
When photographs are introduced as evidence, the photographer is called as a
witness to testify that the pictures are a true representation of a particular
scene, object, etc. The authors of these articles therefore stress the
importance of keeping related documentation about when, where, and how the
photographs were made, since this can come up during the trial.
Also related to the digital processing of images: There's currently a fair
amount of coverage in the photographic trade press about another legal aspect
of electronically combined images — namely who owns the rights to the final
product. Since most commercial photographers sell *rights* to the use of their
images, rather than the physical transparency itself, this can get into a
sticky area, since some clients (particularly in advertising) will want
exclusive use of a particular image (and related images) for either a specific
time period or for a specific geographic area. The current issue of
_Photomethods_, a journal for the audio-visual industry, has a questionnaire
asking photographers whether they feel digital manipulation of images is a help
or poses a threat.
— Ernest
My opinions are my own and probably not IBM-compatible.--ehr
Ernest H. Robl (ehr@ecsvax) (919) 684-6269 w; (919) 286-3845 h
Systems Specialist (Tandem System Manager), Library Systems,
027 Perkins Library, Duke University, Durham, NC 27706 U.S.A.
[Found this on a local bulletin board. Martin Minow]
This is from the February 20, 1989, San Jose Mercury News:
Computer users worry that Stanford set precedent
They say decision to block bulletin board
impedes free acces to public information.
By Tom Philp
Computer scientists at Stanford fear the university has entered a never-ending
role as a moral regulator of computer bulletin boards by recently blocking
access to a list of jokes deemed to serve no "university educational purpose."
Many computer users on campus consider bulletin boards to be the libraries of
the future - and thus subject to the same free access as Stanford's library
system. Instead, Stanford apparently has become the nation's first university
to block access to part of the international bulletin network called Usenet,
which reaches 250,000 users of computers running the Unix operating system,
according to a computer scientist who helped create the network.
To some computer users, Stanford's precedent is troubling. "We get into some
very, very touchy issues when system administrators are given the authority to
simply get rid of files that they deem inappropriate on publicly available
systems," said Gary Chapman, executive director of Computer Professionals for
Social Responsibility, a Palo Alto-based organization with 2,500 members. "My
personal view is that freedom of speech should apply to computer information."
Ralph Gorin, director of Academic Information Resources at Stanford, disagrees.
"I think that it's very clear that one should be either in favor of free speech
and all of the ramifications of that or be willing to take the consequences of
saying free speech sometimes, and then having to decide when," Gorin said.
Since the jokes ban, more than 100 Stanford computer users, including a leading
researcher in artificial intelligence, have signed a protest petition. And
there is some evidence to indicate Stanford officials are looking for a way out
of the dilemma they have created.
The joke bulletin board, called "rec.humor.funny," is one of several bulletin
boards that discuss controversial topics. Stanford, for example, continues to
permit access to bulletin boards that allow students to discuss their use of
illegal drugs, sexual techniques and tips on nude beaches. Gorin said he is
unaware of those bulletin boards.
The jokes bulletin board came to Stanford officials' attention in December,
after a report about it in a Canadian newspaper. The jokes hit a raw nerve
with campus officials, who have been plagued by a variety of racist incidents
on campus. And so they decided on Jan. 25 to block the jokes from passing
through the university's main computer. "At a time when the university is
devoting considerable energy to suppress racism, bigotry and other forms of
prejudice, why devote computer resources to let some outside person exploit
these?" Gorin explained.
The joke that sparked the complaints is this: "A Jew and a Scotsman
had dinner in a restaurant. At the end, the Scotsman was heard to say,
'I'll pay.' The next day there was a newspaper headline, 'Jewish
Ventriloquist Murdered." Most of the jokes are not racist or sexist, Gorin
said; they are just plain silly or political. An example: "What did Mickey
Mouse get for Christmas? A Dan Quayle watch."
But Stanford officials were troubled because the jokes bulletin board is
"moderated," meaning that one person controls everything that it publishes.
The jokes bulletin board "does not in itself provide for discussion of the
issues that it raises," Gorin said. The moderator, Brad Templeton of Waterloo,
in the Canadian province of Ontario, publishes only jokes. Comments he
receives go on a separate bulletin board, called "rec.humor.d." For Stanford,
the existence of a comment bulletin board is not enough because people who call
up the jokes will not necessarily see the comments.
The problem with "unmoderated" bulletin boards is clutter, according to Eugene
Spafford, a computer scientist at Purdue University who is one of the pioneers
of Usenet. The network accumulates the equivalent of 4,000 double-spaced,
typewritten pages every day, far too many comments for any person to read.
"People who use a network as an information resource like a more focused
approach," Spafford said. They is why another, unmoderated, bulletin board
that has many comments and fewer - but equally offensive - jokes, is far less
popular. Stanford does not block transmission of that bulletin board.
Templeton's bulletin board is the most popular of the 500 on Usenet. An
estimated 20,000 computer users pull up the jokes on their screens every day,
Spafford said.
Usenet has its own form of democracy, calling elections to determine whether a
new bulletin board should be created, and who - if anyone - should moderate it.
Templeton's jokes bulletin board was created by such a vote. Stanford's
decision to block access to it "strikes me as hypocritical," Spafford said.
"At best, it's someone who doesn't understand the situation who is trying to do
something politically correct."
John McCarthy, a Stanford computer science professor and one of the founders of
the field of artificial intelligence, has met with university President Donald
Kennedy to discuss his opposition to blocking the jokes. "No one of these
(bulletin boards) is especially important," McCarthy said. The point is that
regulating access to them "is not a business that a university should go into."
Since deciding to block access to the bulletin board, the administration has
referred the issue to the steering committee of Stanford's Faculty Senate. The
future of the bulletin board may end up in the hands of the professors. "I
think that is an entirely appropriate internal process for reaching that
decision," Gorin said.
Added McCarthy: "I should say that I am optimistic now that this ban will be
corrected. There are some people who think they made a mistake." ...
Please report problems with the web pages to the maintainer