From
[email protected] Mon Feb 22 14:27:21 1993
Return-Path: <
[email protected]>
Received: from nkosi.well.sf.ca.us by well.sf.ca.us with SMTP (5.65c/SMI-4.1/well-930216-1)
id AA01529; Mon, 22 Feb 1993 14:26:15 -0800
Received: from chiron.csl.sri.com by nkosi.well.sf.ca.us (5.65c/SMI-4.1/nkosi-930216-1)
id AA19587; Mon, 22 Feb 1993 14:26:26 -0800
Received: by chiron.csl.sri.com id AA07295
(5.65b/IDA-1.4.3.12 for
[email protected]); Mon, 22 Feb 93 14:24:51 -0800
From: RISKS Forum <
[email protected]>
Sender: RISKS Forum <
[email protected]>
Date: Mon, 22 Feb 93 14:24:49 PST
Subject: RISKS DIGEST 14.34
Reply-To:
[email protected]
To: RISKS-LIST:@csl.sri.com ;
Message-Id: <
[email protected]>
RISKS-LIST: RISKS-FORUM Digest Monday 22 February 1993 Volume 14 : Issue 34
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
And You thought Your Computer Chat Was Private (Marty Leisner)
_Friendly Spies_ (Peter Wayner)
The "Information America" service (Brian Randell)
"Telephone Service Cut Off" (Lin Zucconi)
Computer delays response to fatal fire (Lauren Wiener)
Tapping the new digital car phone systems (John W. Sinteur)
A quick request for opinions (Fred Cohen)
London Ambulance Service (Brian Randell)
DCCA-4 Call for Papers (Teresa Lunt)
Technology and Society, Call for Papers (William J. Kelly)
Privacy Digests (PGN)
The RISKS Forum is a moderated digest discussing risks; comp.risks is its
Usenet counterpart. Undigestifiers are available throughout the Internet,
but not from RISKS. Contributions should be relevant, sound, in good taste
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to
[email protected], with appropriate, substantive
"Subject:" line. Others may be ignored! Contributions will not be ACKed.
The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS,
especially .UUCP folks. REQUESTS please to
[email protected].
Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 14, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
For information regarding delivery of RISKS by FAX, phone 310-455-9300
(or send FAX to RISKS at 310-455-2364, or EMail to
[email protected]).
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
----------------------------------------------------------------------
Date: Sat, 13 Feb 1993 14:06:39 PST
From:
[email protected] (Marty Leisner 71348 )
Subject: And You thought Your Computer Chat Was Private
In the February 7, 1993 NY Times (sunday) on page 32 they had an article
(about 10 column inches) detailing privacy issues with email.
They talked about Oliver North's message in 1986 to his aide Ronald Sable:
"Oh Lord, I lost the slip and broke one of the high heels. Forgive please.
Will return the wig Monday".
The article quotes Paul Saffo (Institute for the Future) talking about "we
have yet to establish the conventions for e-mail).
marty
[email protected] [email protected]
Member of the League for Programming Freedom
------------------------------
Date: Mon, 22 Feb 1993 11:12:37 -0500
From: Peter Wayner <
[email protected]>
Subject: _Friendly Spies_
Fans of encryption and those who merely fan the fires of debate about
encryption's inherent threat/value will want to dig up Peter Schweitzer's new
book _Friendly Spies_ just published by Atlantic Monthly Press. He includes
many different details about covert intelligence operations directed against
US corporations by cold war allies. Time and time again he says, foreign
governments conspire with foreign companies to steal US technology and
economic secrets.
He mentions that France and Germany and many other countries require US
Companies to "register" the encryption key for reasons of national security.
All of the American transmissions are monitored and the data is passed on to
the local competitors. Companies like IBM finally began to routinely
transmit false information to their French subsidiary just to thwart the
French Secret Service and by transitive property of economic nationalism,
French computer companies.
The lessons? Key registration in the world hurts American corporations.
Cryptography protects the creators and thwarts those who seek to copy
innovation.
-Peter Wayner
------------------------------
Date: Wed, 17 Feb 93 12:18:22 GMT
From:
[email protected]
Subject: The "Information America" service
A colleague has just shown me an article about an online service called
"Information America". The article is (possibly justifiably) alarmist in tone
- and I cannot vouch for its factual accuracy. The article appeared in issue 8
of a (strange, to me at least) magazine called Mondo 2000, published some time
in 1992 - the publisher's address is given as PO Box 1071, Berkeley, CA.
Let me say no more about the article or the magazine, but just provide
soc.roots/ROOTS-L readers some illustrative quotes from it:
"BIG BROTHER ISN'T DEAD, HE'S JUST SUBCONTRACTING
If you have a modem, a home computer and can afford $95 an hour fees you too
can access Information America's online computer database, cross indexing the
Postal Service's National Change of Address file (NCOA), major publisher and
direct marketing companies' client information, birth records, drivers'
license records, phone books, voter registrations, records from up to 49
governmental agencies, and more. Information America boasts up to date
information on over 111 million Americans, 80 million households, and 61
million telephones.
If you are not scared yet you should be. Because complete strangers can
find out where you live, tracing you through extensive relocations even if
they have only a last name, or a state, an old address or telephone number.
...
Not until recently has information like this been commercially available in
a single database, specifically with law enforcement, private
investigators, bounty hunters and lawyers in mind. Information America is
the first accessible service to make use of previously collected data for
the express purpose of providing up-to-date whereabouts and personal
profiles of as many Americans as possible.
...
People finder is made up of four services: SKIP TRACER, TELEPHONE TRACKER,
PERSON LOCATOR and PEOPLE FINDER MULTITRACK
....
SKIP TRACER traces a person's moves or verifies the current address when
all you have is an old address. You will enter the person's name, street
number, street name, and either the zip code or the city/state. If your
subject is in IA's files a profile will be provided that includes the
address he moved to (or current address), phone number, length of
residence, and more. You may also request a list of ten of the person's
neighbours. A profile on the current resident at your subject's old address
and up to ten neighbours there may also be available.
...
TELEPHONE TRACKER tracks down the owner of a telephone number... If a match
is found, you may look at a profile of that individual/residence and a
listing of up to ten neighbours.
...
PERSON LOCATOR helps you locate a person when specific address information
is not available. Enter the person's name and indicate whether you wish to
conduct a search by city, state(s), zip or nationwide. Person Locator will
compile a list (up to 300 names for nationwide and up to 100 names for
individual state searches) that match the information entered..... When you
find the right name, you may request a profile and neighbour listing for
that individual.
....
PEOPLE FINDER MULTITRACK helps you find multiple people during one search.
Search results are available the following business day.
...
IA's clients are mostly lawyers and paralegals working at large legal
firms, but the FBI is also a major IA client.
...
IA has existed for at least three and a half years, but has remained
relatively unknown to the public.
...
To market its database services, IA seems to have adopted a grass-roots
kind of approach. IA employs liaison in major metropolitan cities whose job
it is to research and contact prospective clients lawyers, for example. I
am unaware of any advertising in specialist journals.
..."
Discussions of the potential dangers of a service like this would be better
addressed to the splendid Usenet newsgroup comp.risks - to which my colleague
is addressing a separate message about Information America. However it seems
to me that the service might be of legitimate interest to a number of
soc.roots/ROOTS-L readers (for example, those carrying out aextensive "one-name
studies"), hence my posting this message. Brian Randell
PS I reiterate - I have no personal knowledge of Information America, and
cannot vouch for the accuracy or fairness of the Mondo 200 article from which
I have quoted.
Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne,
NE1 7RU, UK
[email protected] PHONE = +44 91 222 7923
------------------------------
Date: 18 Feb 1993 09:06:10 U
From: "Lin Zucconi" <
[email protected]>
Subject: "Telephone Service Cut Off"
The Valley Times (Feb.18) reported that telephone service was cut off for more
than 4 hours to about 37,000 phone lines in Livermore, CA including "911" and
operator "O" lines. The article said that "the significance (of the
malfunction) was in having three prefixes that can't reach emergency phone
lines.... The phone company [Pacific Bell] was stymied in correcting the
problem because diagnostic tests of the equipment told technicians that there
was no problem....Technicians eventually located the problem in a call
processor computer tape and replaced the malfunctioning tape." Luckily for
those of us that live here, this is a relatively low crime area and no serious
crimes occurred during the outage. Some banks compensated by letting in only a
few customers at a time because they were concerned that their alarm systems
wouldn't be able to call police.
------------------------------
Date: Sat, 20 Feb 93 10:49:25 -0800
From: Lauren Wiener <
[email protected]>
Subject: Computer delays response to fatal fire
>From the Oregonian, Saturday, Feb. 20, 1993, p.B1:
"Computer delays response to fatal Bonny Slope fire", by James Mayer
It takes seven minutes for the alarm to reach Tualatin Valley Fire & Rescue
because of a glitch that sends it to the office that dispatches Portland Fire
Bureau units instead of to the proper agency in Washington County
[BACKGROUND: Multnomah County is the county that contains the City of Portland.
Suburban Washington County adjoins it to the west. Multnomah County is oddly
shaped, and small slices of it here and there are served by suburban agencies
instead of the corresponding Portland agency. I live in one of those places,
and when I moved into my present house in 1980 it took the telephone company
two days to find me and sort out who was responsible for hooking up my
telephone service. Which fortunately was not an emergency.]
A computer error added seven minutes to the time it took firefighters to reach
a 68-year-old woman trapped in her burning Bonny Slope home last week.
Mildred Smith died of smoke inhalation suffered in a pre-dawn Feb. 12 blaze at
her home at 12401 NW Thompson Rd.
A neighbor telephoned 9-1-1 to report the fire at 2:40 AM, but firefighters
from Tualatin Valley Fire & Rescue were not dispatched until 2:47 AM because a
computer error sent the original call to the wrong place.
Eugene Jacobus, Washington County deputy medical examiner, said it would be
hard to determine whether the dispatching delay made a fatal difference.
Firefighters were also delayed by steel-bar security doors when they reached
the remote house north of Cedar Mill, 5 and 1/2 minutes after finally getting
the call for help.
"It's really hard to say, but certainly a delay of that magnitude is going to
make a difference, Jacobus said. "You can be relatively sure that any delay,
whether two or seven minutes, is going to rob an individual of some ability to
be resuscitated."
By Friday, officials had traced the problem to the computerized telephone
switching system at Portland's 9-1-1 center on Kelly Butte.
Fire and US West Communications officials say a "reloading" of some computer
software by US West inadvertently changed the way the 9-1-1 system routed calls
for a very small number of callers.
"We're still looking to find out how that happened," said Jim Haynes, US West
spokesman.
<stuff about previous problems with the system deleted>
Here's what happened in the latest incident, as pieced together from
interviews and official reports:
At 2:40 AM, Jack Gilbert, of 12229 NW Hillar Lane, called 9-1-1 to report what
he first thought was a brush fire in the area of the NW Thompson Road home,
about 100 yards away.
The call was answered at Kelly Butte, because the Gilbert's home is just
inside the Multnomah County line.
On the enhanced 9-1-1 computer screen, the dispatcher could see that
Washington County Consolidated Communication Agency was the appropriate
dispatching agency and Tualatin Valley Fire & Rescue was the appropriate fire
department.
About four seconds later, the dispatcher hit a key that is supposed to route
the call automatically to the right place.
But, in this case, it didn't work. Although the 9-1-1 operator didn't know
it, the call instead went to Portland's Fire Alarm Dispatch office, which
dispatches Portland Fire Bureau units.
Dispatchers there looked at the address and realized it was a Washington
County call. At 2:44 AM Portland fire dispatchers called the Washington
County 9-1-1 center.
But for reasons that are unclear, Washington County dispatchers looked for
"1229" Hillar Road, instead of "12229" for some time without finding it in
their computers, finally kicking it back to Portland under the belief that it
must be a Portland address.
About two minutes later, Portland Fire called Washington County again. This
time, the right, five-digit address was exchanged.
Finally, at 2:47 AM, Tualatin Valley Fire & Rescue got the call.
At almost the exact moment, seven minutes after the first call, Smith herself
called 9-1-1 from inside her home. The same thing happened. The Kelly Butte
dispatcher hit the key to route the call, and it went to Portland Fire Alarm
Dispatch instead of Washington County.
About a minute after that, Gilbert called again, this time to report that the
fire was in the house. By this time, firefighters were on the way.
It took the first company, coming from kaiser Road in the Oak Hills area, 5
and 1/2 minutes to get there.
The second unti arrived two minutes after that.
Firefighters could hear 73-year-old Robert Smith pounding on the security
door, trying to get out.
His wife, by that time, however, was silent. Firefighters broke a window to
get inside.
Robert Smith suffered smoke inhalation, but he survived. Mildred Smith died 12
hours later.
Larry Hatch, assistant director of the washington County 9-1-1 center,
acknowledged that confusion about the address added minutes to the call, but
none of that would have happened without the initial switching error.
Gary Schrader, director of Portland's Bureau of Emergency Communications,
which runs the Kelly Butte center, said officials originally thought the
dispatcher had made a mistake.
The telephone problem was discovered and corrected on Monday.
The telephone company had done a system "reload" Jan. 30 and that was what
resulted in the switch sending calls in the wrong direction, Haynes said.
Schrader said the error was not discovered because of the low volume of calls
from people who live in Multnomah County but, like the Smiths, are served by
an outside fire agency.
END Oregonian article
COMMENT: The story doesn't say why "reloading" produces erroneous behavior.
Maybe US West doesn't know, at this point?
------------------------------
Date: Mon, 22 Feb 1993 12:14:53 -0800
From:
[email protected] (John W. Sinteur)
Subject: Tapping the new digital car phone systems
The following appeared in the Automatiseringsgids in The Netherlands last
week. The Automatiseringsgids is a weekly newpaper-like magazine on
information technology in the Netherlands. My comments are in [... -JS] I
tried to translate literally, any mistakes are mine, but not intented as such.
The author of the article gave me permission to send RISKS a translated
version of his article. ...
I think most comments on what's in the article are already made before, I just
wanted to let you know what's happening over here in Europe... -John
GSM cannot be tapped. (Automatiseringsgids, 19 Feb 93)
The Ministry of Justice is negotiating with PTT Telecom to figure out which
way Justice, Police and Security Services can listen in on subscribers of the
new digital car phone system (GSM). The government is now discussing the
option of tapping conversations at the central PTT switchboards. [PTT Telecom
is the sole provider of telecom infrastructure in the Netherlands -JS]
GSM is protected by personal subscriber smart-cards and complex algorithms,
well enough to stop professional eaves-droppers. Security officials fear
that this will be welcomed by criminal organisations, who can communicate
through this system without fear of being tapped.
[The article does not mention exactly which 'algorithms'. Public key
perhaps? If anyone really knows, please tell us -JS]
Since GSM will be used throughout Europe, it is especially useful for
criminals operating internationally.
Secret and Police Services in Europe are trying to convince their Ministries
of Internal Affairs of the need to force GSM providers to adapt their services
to make tapping possible. The German government is talking to two GSM
providers, DBP Telekom and Mannesmann/PacTel, to persuade them to cooperate
and implement a tapping option. British Telecom and Vodafone in Great Britain
are also discussing this problem with the government. [GSM] providers are
thinking about this problem and are trying to find a solution for all of
Europe.
[end of article]
[
[email protected] John W. Sinteur, 2:512/48 (fidonet) ]
[ Snail: Jade str 28, 2332 RT Leiden, The Netherlands ]
------------------------------
Date: Fri, 12 Feb 93 19:15:43 -0500
From:
[email protected] (Fred Cohen)
Subject: A quick request for opinions
I am writing a book about artificial life, and have some examples of programs
that automate distribution of software in LANs, implement distributed
databases, etc. They are all written in the Unix shell, and involve a few
lines of code that automatically copy the programs between machines to
automate the distribution process. It has come to my attention that there may
be substantial objection to this idea and I am asking people in this forum for
their opinion.
Each program includes explicit safeties to prevent copying to machines where
operation is not authorized by the root, and they are designed not to spread
outside of particular directories. The code is very obvious (only a few lines
of shell script after all), and the book includes explicit warnings not to
remove safeties or use on any machine where you don't have permission.
Questions:
1 - why not provide this in the book?
2 - what risks do you see in it?
3 - are you an admin or a user?
4 - do you think there is value in including these examples?
5 - do you think the advantages of examples outweigh any risks?
6 - do you think that the versions that optimize their own behavior by
`evolving' improved forms should not be included - if not why not?
Please Email me your responses ASAP, as the book goes to press in a few weeks.
Also, if you DO NOT want your comments included in the book (no names will be
used) tell me. Otherwise, I will feel free to include any comments I find
particularly enlightening. FC
------------------------------
Date: Fri, 19 Feb 93 12:55:43 GMT
From:
[email protected]
Subject: London Ambulance Service
The London Ambulance Service Crisis reported to RISKS earlier has been absent
from the UK press for a while, but now it seems likely to burst forth again.
The attached article is reprinted in its entirety from (UK) Computer Weekly,
18 Feb, 1993. Cheers. Brian Randell
Report to confirm (pounds)1m 999 systems blunder (by David Evans)
LONDON Ambulance Service made a fatal blunder when it bought a (pounds)1m
untested computer system to handle 999 calls, an official inquiry will reveal
next week. Union leaders have already blamed the system for contributing to
the deaths of at least four patients.
Around 800,000 emergency calls are handled by the capital's ambulance
service each year. But after a spate of incidents, in which calls were lost
and emergency victims suffered long delays before ambulances arrived, the
system was abandoned.
Now an official report into the fiasco, demanded by health secretary
Virginia Bottomley, is expected to be scathing in its criticism.
Since last November an independent panel has been looking at the circumstances
surrounding the purchase of the system, bought when a previous computer-aided
dispatch module crashed. Yet after just a few months of use the replacement
was similarly suffering from calldata overload.
Questions raised by the report will include why Aldershot-based Systems
Options was chosen as the main soft-ware supplier when it had no previous
experience in providing dispatch systems to the ambulance sector.
Jim Pedroza, Systems Options' founder, has consistently refused to talk to the
press. His networked solution based on Apricot workstations and servers
contrasts markedly with mini-based systems favoured by other emergency
services.
According to sources working close to the inquiry team, one conclusion is
that a replacement computer-aided dispatch system will now take years,
rather than months, to implement. It will also confirm that the Systems
Options solution is wholly unfit for the task.
Said one London ambulance source: "What we're talking about here is an
official stamp of condemnation. Not enough attention was paid to the project,
and the lack of expertise in choosing the system was completely unacceptable."
The outcome of the report has been delayed to allow for the publication
this week of the Tomlinson report on London hospitals.
Since the system was ditched, the service's chief John Wilby has resigned and
control room staff have reverted to manual methods of dispatching crews.
Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne,
NE1 7RU, UK
[email protected] PHONE = +44 91 222 7923
------------------------------
Date: Mon, 22 Feb 93 10:07:56 -0800
From: Teresa Lunt <
[email protected]>
Subject: DCCA-4 Call for Papers
Below is the Call for Papers for the 4th IFIP Working Conference on Dependable
Computing for Critical Applications. The conference aims to promote research
that considers different aspects of dependability, including security, safety,
reliability, and availability, in a common framework, with emphasis on high
assurance.
Call for Papers:
4th IFIP Working Conference on Dependable Computing for Critical Applications
January 4-6, 1994, Catamaran Resort Hotel, San Diego, California, USA
Increasingly, individuals and organizations are becoming critically dependent
on sophisticated computing systems. In differing circumstances, this
dependency might for example center on the continuity of service received from
the computing system, the overall performance level achieved, the real-time
response rate provided, the extent to which catastrophic failures are avoided,
or confidentiality violations prevented. The notion of dependability, defined
as the trustworthiness of computer service such that reliance can justifiably
be placed on this service, enables these various concerns to be subsumed
within a single conceptual framework with reliability, availability, safety
and security, for example, being treated as particular attributes of
dependability.
The fourth IFIP Working Conference on Dependable Computing for Critical
Applications aims at bringing together researchers and developers from
academia, industry and government for advancing the state of the art in
dependable computing. Papers are sought in all areas of dependable computing,
including but not limited to models, methods, algorithms, tools and practical
experience with specifying, designing, implementing, assessing, validating,
operating and maintaining dependable computing systems. Of particular, but not
exclusive, interest will be presentations which address combinations of
dependability attributes, e.g. safety and security or fault-tolerance and
safety, through studies of either a theoretical or an applied nature.
Submitting a Paper: Six copies (in English) of original work should be
submitted by 30 June 1993, to the Program co-Chair:
Dr. Gerard Le Lann
INRIA - Project REFLECS
BP 105 Tel: +33.1.39635364
78153 Le Chesnay Cedex Fax: +33.1.39635330
France E-mail:
[email protected]
Papers should be limited to 6000 words, full page figures being counted as 300
words. Each paper should include a short abstract and a list of keywords
indicating subject classification. Papers will be refereed and the final
choice will be made by the Program Committee. Notification of acceptance will
be sent by September 24 1993, and camera-ready copy will be due on November
12, 1993. A digest of papers will be available at the Conference, and
hardbound proceedings will be published after the Conference as a volume of
the Springer-Verlag series on Dependable Computing and Fault-Tolerant Systems.
Important Dates:
Submission deadline: June 30, 1993
Acceptance notification: September 24, 1993
Camera-ready copy due: November 12, 1993
General Chair
F. Cristian, Univ. of California, USA
Program Cochairs
G. Le Lann, INRIA, France
T. Lunt, SRI International, USA
Local Arrangements/Publicity Chair
K. Marzullo, Univ. of California, USA
Program Committee
J. Abraham, U of Texas at Austin, USA
A. Avizienis, UCLA, USA
D. Bjoerner, UNUIIST, Macau
R. Butler, NASA, USA
A. Costes, LAAS-CNRS, France
M-C. Gaudel, LRI, France
V. Gligor, U of Maryland, USA
L. Gong, SRI International, USA
H. Ihara, Hitachi, Japan
J. Jacob, Oxford U, UK
S. Jajodia, George Mason U, USA
J. Lala, CS Draper Lab, USA
C. Landwehr, NRL, USA
K. Levitt, U of California Davis, USA
C. Meadows, NRL, USA,
J. McLean, NRL, USA
M. Melliar-Smith, UCSB, USA
J. Meyer, U of Michigan, USA
J. Millen, MITRE, USA
D. Parnas, McMaster U, Canada
B. Randell, U of Newcastle upon Tyne, UK
G. Rubino, IRISA, France
R. Schlichting, U of Arizona, USA
J. Stankovic, U of Massachusetts, USA
P. Thevenod, LAAS-CNRS, France
Y. Tohma, Tokyo Inst. of Technology, Japan
Ex-officio
J-C. Laprie, LAAS-CNRS, France
IFIP WG 10.4 Chair
------------------------------
Date: Tuesday, 16 Feb 1993 20:08:04 EST
From:
[email protected]
Subject: Call for papers, Technology and Society
CALL FOR PAPERS
TECHNOLOGY: WHOSE COSTS?...WHOSE BENEFITS?
Areas of Concentration:
Computers and Communications, Health Care, Energy and the Environment
The International Symposium on Technology and Society 1993 (ISTAS '93)
The International Symposium that links Technology and Social Effects
Sponsors:
The Institute of Electrical and Electronic Engineers Inc. (IEEE)
Society for the Social Implications of Technology
The IEEE National Capital Area Council
The IEEE Technology Policy Conference Committee
Washington DC October 22-23, 1993
Technology is constantly changing the our world. New ways of doing things
bring benefits undreamed-of just a few years ago. These technologies also
have their price. The costs can be financial, but also less freedom, more
risks, more stress. How do we balance benefits and costs? Do those who enjoy
the benefits bear their fair share of the costs? How can we determine a fair
share? If we can, and don't like the results, what do we change? Is the
Government always the best way to change things?
ISTAS '93 invites significant contributions on these issues from a wide
spectrum of scholarly and concerned individuals. The contributions can be
papers, proposals for a session or panel of invited experts, or proposals for
"poster" or discussion sessions. Please send a 100 word summary for papers or
a 1000 word proposal for sessions, to the General Chair
Dr. William J. Kelly, Attn. IEEE, MITRE Corporation, m/c Z568, 7525 Colshire
Drive, McLean, VA 22102 E-mail:
[email protected]
Deadline for Submission: March 12, 1993
Notification of Acceptance: April 12, 1993
Camera Ready Copy: June 30, 1993
For information call Jackie Hunter (703)-803-8701
------------------------------
Date: Mon, 22 Feb 1993 13:13:37 -0800
From: Peter G. Neumann <
[email protected]>
Subject: Privacy Digests
Periodically I will remind you of TWO useful digests related to privacy,
both of which are siphoning off some of the material that would otherwise
appear in RISKS, but which should be read by those of you vitally interested in
privacy problems. RISKS will continue to carry higher-level discussions in
which risks to privacy are a concern.
* The PRIVACY Forum Digest (PFD) is run by Lauren Weinstein. He manages it as
a rather selectively moderated digest, somewhat akin to RISKS; it spans the
full range of both technological and non-technological privacy-related issues
(with an emphasis on the former). For information regarding the PRIVACY
Forum, please send the exact line:
information privacy
as the BODY of a message to "
[email protected]"; you will receive
a response from an automated listserv system. To submit contributions,
send to "
[email protected]".
* The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is
run by Dennis G. Rears. It is gatewayed to the USENET newsgroup
comp.society.privacy. It is a relatively open (i.e., less tightly moderated)
forum, and was established to provide a forum for discussion on the
effect of technology on privacy. All too often technology is way ahead of
the law and society as it presents us with new devices and applications.
Technology can enhance and detract from privacy. Submissions should go to
[email protected] and administrative requests to
[email protected].
There is clearly much potential for overlap between the two digests, although
contributions tend not to appear in both places. If you are very short of time
and can scan only one, you might want to try the former. If you are interested
in ongoing detailed discussions, try the latter. Otherwise, it may well be
appropriate for you to read both, depending on the strength of your interests
and time available.
PGN
------------------------------
End of RISKS-FORUM Digest 14.34
Downloaded From P-80 International Information Systems 304-744-2253
