The Risks Digest Volume 18: Issue 1 Forum on Risks to the Public in Computers and Related Systems ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Volume 18: Issue 1 Friday 5 April 1996 Contents Sixth Computers, Freedom and Privacy Shabbir J. Safdar A Wiretap Incident in New Orleans Shabbir J. Safdar Computer Error Costs MCI $Millions Scott Lucero Teen Accused of Hacking David M Kennedy Only Americans can contact the AT&T operator Tom Gardner Re: Wrong approach to Java security Frank Stuart Re: Risks of rewritable BIOSes Jeremy J Epstein Re: "This is not a bug" messages: MacsBug David A. Lyons Re: The Queen's Speech Allan Engelhardt Re: Notes on e-mail: Use of diaeresis Dan Hicks http://catless.ncl.ac.uk/Risks/18.01.html (1 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 Daan Sandee On the meaning of "email" Clive Feather Browser return e-mail addresses Walter Roberson Info on RISKS (comp.risks) Sixth Computers, Freedom and Privacy Shabbir J. Safdar <[email protected]> Thu, 04 Apr 1996 16:05:34 -0500 I attended last week's Sixth Computers, Freedom, and Privacy conference in Cambridge MA, where policy-makers, technical experts, and activists came together to hash out the intersection of the three elements of its title. CFP is an unusual place; the closest thing our community can get to "neutral ground" on many issues. This is best expressed by the fact that in the hallways of the hotel, it's not unusual to see those that supported and those that fought the Communications Decency Act hob-nobbing it up, trading friendly swipes about their take on the bill. In addition, it's always an enjoyable thing to be able to meet an FBI agent in a neutral setting and ask them questions about their perspective on various issues. CFP is still finding it's way, though, as the issues it covers evolve in and out of the mainstream. A few years ago the issues were hackers and search warrants for computers and bulletin boards. Now that seems to http://catless.ncl.ac.uk/Risks/18.01.html (2 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 have been replaced by encryption policy, wiretaps and how much of the First Amendment applies to the net. CFP has survived well, and I continue to return every year I can. I return not only see the issues from new perspectives, but also to obtain the synergy that can only happen in a face-to-face encounter. This isn't to say that CFP doesn't stumble occasionally. There were a few panels this year that fell into the CFP trap, where individuals came to express none-to-fresh perspectives on problems that have been beaten like the Lone Ranger's dead steed. Encryption is typically the cause of these. On the other hand, however, CFP was successful in what is the most entertaining and enlightening approach to the encryption debate I've seen in the last two years. Centering around a mock law that required key escrow, the CFP program committee set up a "moot court" of five Federal judges (real ones, with black robes and everything) that heavily questioned attorneys that presented a cases for the government on one side, and plaintiffs challenging the law on the other. The live questioning, and the exercise of having to put one's arguments into a legal framework was an experience that everyone enjoyed. This was clearly the most heavily attended panel of the conference. The other interesting thing this year was the final panel of the conference, a reflection on the entire conference done by four science http://catless.ncl.ac.uk/Risks/18.01.html (3 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 fiction authors: Bruce Sterling, Vernor Vinge, Pat Cadigan, and Tom Maddox. This was probably the most interesting way to reflect on the conference, and the writers seemed to form a sort of "collective conscience" for the rest of us. Bruce Sterling, in particular, provided a dystopian view with such a forceful delivery that I, and many others, probably stumbled from the room unable to decide if we were happy we knew where we were going, or if we should run screaming in terror at society's impending train wreck. It was somewhat appropriate that there was no time for questions after that panel. They would have simply detracted from the fact that the writers got the "last word". It's a great role though, to have those who dream for us, our science fiction writers, act as our conscience. I hope the program committee lets them do it next year, and I look forward to meeting the next set of faces that I'll have met on the net over the next year. -Shabbir J. Safdar * Online Representative * Voters Telecomm. Watch (VTW) http://www.vtw.org/ * Defending Your Rights In Cyberspace [Note: This was a very lively meeting. I hope further reportage will appear in RISKS. By the way, Shabbir, Matt Blaze, Bob Metcalfe and I were honored with this year's EFF Pioneer Awards. Greatly appreciated! PGN] http://catless.ncl.ac.uk/Risks/18.01.html (4 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 A Wiretap Incident in New Orleans Shabbir J. Safdar <[email protected]> Thu, 04 Apr 1996 16:05:34 -0500 [From VTW's BillWatch newsletter, an announcement-only list archived at http://www.vtw.org/billwatch/] -Shabbir J. Safdar * Online Representative * Voters Telecomm. Watch (VTW) http://www.vtw.org/ * Defending Your Rights In Cyberspace A TRAGIC STORY ABOUT A WIRETAP by Shabbir J. Safdar, VTW Board (New York, NY) This week most of VTW's staff attended the Computers, Freedom, and Privacy conference in Cambridge Massachusetts. I go to the conference every year to recharge my batteries, put names to faces, and enjoy the synergy that can only come with face-to-face dialogue. This year the debate over encryption seemed focused on three panels, the only novel one being a panel which was a "moot court". Presided over by five real Federal judges, attorneys for plaintiffs and the government argued over the Constitutionality of a mock law that would require escrowing of encryption keys. Aside from this, the conference added no new material to the encryption debate. One valuable experience happened on the way home, however. I picked up the New York Times and came across a story in the New York Times Magazine about http://catless.ncl.ac.uk/Risks/18.01.html (5 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 a corrupt New Orleans police chief, and how he reacted to a woman who filed a police brutality complaint against him. The story goes this way: the FBI was wiretapping a number of New Orleans police officers who were allegedly guarding a 286 pound shipment of cocaine. During that time the FBI overheard a conversation between the police chief and several other police officials that the FBI alleges was a murder plot. The intended victim had previously filed a police brutality complaint against the chief. Although the FBI had the conversation in hand, they were unable to decode the police chief's "street slang and police jargon" in time to prevent the murder. The woman who filed the complaint, a 32 year old mother of three, was shot while standing in front of her house. It's easy to be angry about this incident. One could (and should) be angry with the murderers and their conspirators. However out of this comes two important observations on the encryption policy debate. One, while wiretaps have probably been effective in other cases, they were not effective in this one. While we can grant law enforcement the benefit of the doubt in other cases, the existence of this one shows that a wiretap is not the "silver bullet" of law enforcement that we have been led to believe. Another observation that can be made is that this parallels the key escrow debate very closely. No reasonable person is objecting to the http://catless.ncl.ac.uk/Risks/18.01.html (6 of 21)2005-04-14 18:22:01 The Risks Digest Volume 18: Issue 1 FBI's right to conduct a wiretap. However what is being debated is the extent to which individuals and law enforcement can go to accomplish their duties. The Clinton Administration is striving for a world where everyone is forced to speak in a form of encryption that is easily decoded by law enforcement. The public and industry is striving for a world where they continue to have private conversations. The situational parallel to this would be if the Administration had pushed a law that requires everyone to speak on the telephone in plain English, without slang and without any double meanings. This is the equivalent of key escrow. However, would this have really saved the person so tragically killed above? Unlikely. Individuals involved in criminal conspiracies will continue to use whatever means at their disposal to obscure their activities from the police. The corrupt police chief who allegedly ordered the murder would have still used slang and code, regardless of any laws banning such use. He was allegedly conspiring to commit a murder, why should he care? Such laws will, however, affect law abiding citizen's attempts to gain privacy. Law-abiding citizens that may be speaking to their doctors, attorneys, loved-ones, or business partners will continue to be targets of industrial espionage, private investigators, and, in a few cases, trusted individuals abusing that trust.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages1970 Page
-
File Size-