open letter to alt.tv.red-dwarf.moderated readers
T...@alt.tv.red-dwarf.moderated
third-party copyrights than they did for software they
contracted for themselves, like Sybase. Salomon didn't have a UNIX source
license, so obviously the employee had gotten it elsewhere.
In the following statistic, it was the only non-Salomon source code.
We went from zero monitoring of Internet email traffic to...
> On 3/21/96 we had our first security incident report.
>
> By 3/26/96 we had an astonishing 38,000 lines of proprietary source code
> outbound.
>
> We were mentally unprepared. Figuratively we were pulling our hair out
> wondering when the madness would stop.
>
> It never did.
As I said, the results of keyword monitoring were stunning.
If you look up computer security literature and read up on security incidents,
you'll notice none are more articulate about inside-employee incidents other
than to describe the people as "disgruntled employees".
Wrong.
I'll go over some of the major categories of incidents I encountered.
Keyword monitoring is abstract to most people; these results show
how powerful the technique is.
Here are two from the category:
o People innocently trying to get work done.
This usually happens between the programmer and a third-party vendor.
SISS stands for 'Salomon Informatio
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 8.3.3
PmW5QwPMbpoi5IoKoJgZP8TSDwev7dnTVIv0GrGH1ttiJBhHcRykjy5UjpTcR+1x
Bt4AX3cUj9rn1qdJQTKHyoMWrBrl9WTeWMLuVd/DOdhXt4t9ZueZtiIvjKMbMNBS
ZsXURCWkQRC3CLomua9bn9L8ZHxxsbZkldcxuSdInerwTSc2tcOTZOO5mS4YlXcz
IrWfMcws0Q3/FOSWf9xv96ydiJeqahyloliTOXDTPAq2m7YmOF==
=uBWR
-----END PGP SIGNATURE-----
Ed...@alt.tv.red-dwarf.moderated
Not carrying ID was a primary part of the police complaint.
It is impossible for the government to issue a National ID Card without
its use eventually becoming required. That is simply how it goes with new
tools for the government.
See how the uses of the Social Security number have grown, wildly beyond
what the government ever said it would be used for?
# Privacy Journal, By Robert Ellis Smith, October 1986 issue
#
# Tax reform bill HR 3838 requires effective January 1988 that any taxpayer
# claiming a dependent five years or older have a Social Security number.
#
# This is to prevent divorced parents from simultaneously claiming the
# same child.
#
# The requirement means that, for the first time, large numbers of children
# who have not reached employment age will need Social Security numbers.
#
# Its use has been expanding the past fifteen years by regulations under
# the Bank Secrecy Act, requiring all bank account holders to be enumerated,
# and by the Deficit Reduction Act of 1984 and subsequent legislation
# requiring children who receive public assistance to be enumerated.
#
# Privacy Journal, By Robert Ellis Smith, April 1990 issue
#
# State legislatures are forced to enact legislation by November requiring
# all parents to provide their Social Security numb
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.8
ykWY46BIHXakcEGnW0YLmVmC8M9VlKqY8ka30ToVnzlUpRxg/uaMn2JBgor2O5Gh
oaT6PO1knsFkMWzi6ATpW1dZ/xp+RvYb21fOKkWx1oSXOZ0xPwpBtVSv/9CLz0rc
z8wj7e8HgU9UlGeb4r+1yaVQp1hAQ8oAxosh/TfqCL2vzIIFHx8VRD4z6sDyriaR
JCNN3rsnab6NrayXxLenvd9EDy/C5XOSC1RhWarrXS==
=R/kq
-----END PGP SIGNATURE-----
Don...@alt.tv.red-dwarf.moderated
really know their "business":
: Robert Fitches, a 22 year-old said in his Federal lawsuit that he was
: humiliated when state troopers ordered him to drop his pants during a
: drug search along Interstate 15 in Davis County.
: Source: Salt Lake City Tribune 7/8/95
Maybe this is an accurate analogy of why dragnet-monitoring is wrong:
: The Sheraton Boston Hotel was discovered videotaping employees changing
: clothes in locker rooms. The 1991 surveillance caught employees using
: drugs, Sheraton said. Source: Senate Labor Committee on Employment, 6/93
If you strip us naked you will detect more crime, but also, you strip
individuals naked without specific individuals being suspected of a crime.
Dragnet monitoring should not be the American way.
Unrestricted cryptography must be made legal now,
so we are no longer naked to ECHELON monitoring.
It will be a beginning.
: Privacy Journal's War Stories (75 pages, $21.50) is available from
: PRIVACY JOURNAL, P.O. Box 28577, Providence RI 02908, 401/274-7861,
: electronic mail: 510...@mcimail.com.
:
: Beverly Folmsbee of Pittsfield Massachusetts, who was not suspected
: of any drug use, left her job after declining to take a "degrading"
: urinalysis test at her company, then known as Tech Tool Grinding &
: Supply Inc.
:
: It required disrobing, donning a hospital gown, and submitting to
: bodily insp
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 0.0.5
L4C3bLUPhEstdr0NXCF2CiN3MbJCD3K+DyBv8Uri1OgyHV+uwrkQDLE2FVKwcVSh
fHV4ENHczwD3fpvzengepYL+4SJIXCwUqvZtaPEn0gkrPcUt4Y9iPHDkHu+Mr7vk
i0JzwWJwyvCOEAzIJ4cjqIPtp+dJmS/xIEKrcVcuicULHVQBz0zPE8eIM8MfBS+Y
dR4cjNFb6Q8DrlE4oQ==
=c1S8
-----END PGP SIGNATURE-----
Elis...@alt.tv.red-dwarf.moderated
of the air VAST numbers of communications,
including telephone conversations, store them in computers, play them
back later, has a truly frightening potential for abuse.
George Orwell issued a warning.
He told us that freedom is too much taken for granted, that it needs to
be carefully watched and protected. His last word on the subject was a
plea to his readers: "Don't let it happen. It depends on you."
]
*
* The National Security Agency's Project L.U.C.I.D., with all its
* technological wizardry, is a future, planetary dictator's dream---and a
* Christian and national patriot's nightmare. Someday, the Holy Bible
* prophesies, that planetary dictator will emerge on the scene, lusting
* for blood...
*
* There can be no doubt about it.
*
* The REAL Chief Executive Officer of the NSA is not a human being.
*
* The CEO MUST be Lucifer himself.
Amen.
----
It is technology driving the capabilities, it is our government using
them ruthlessly: without letting us vote on it.
Never before could someone walk up to you and number you by scanning
your fingerprints. A number that is yours and yours alone.
You have been numbered for all time.
No ID card needed once portable fingerprint scanners are deployed all over!
If the government suddenly ordered all citizens to be numbered with an
indelib
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.6.2
0J1GE84dZFunZnysGAxL3W8spOT2lyYve2Xm9vKTrdC7HaB/uHWt9/pJ8ElT96N5
p6appNNbzVPBhsP1++ISmkZm3ekOyITBkMLiYVWsqcSfHO2CKKss38d2Hf+G2F0R
Bxy1ccdRDMl0g7uYWTyV9mg76LYMf3vK3nClsanWbRw9eS9JvTTvOfafBWWFwwO/
3su9KuJjce2mQLKXdcALp2TJ2LoECS/r5u49Wn2mQx3fPpq4km==
=sNi8
-----END PGP SIGNATURE-----
Bla...@alt.tv.red-dwarf.moderated
has also moved into "the
# human market."
#
# Effective this year, the federal Food and Drug Administration requires
# every breast implant carry a transponder chip with a unique identifying
# number. A hand-held scanner can read the number much like a supermarket
# scanner.
#
# The reason the government gave for the transponder was that both the doctor
# and patient might lose track of what kind of breast implant was installed,
# and so if a certain model had a recall, they could tell what was installed.
#
#
# The American Textile Partnership, a research consortium linked to the U.S.
# Department of Energy, is sponsoring a research called "Embedded Electronic
# Fingerprint" to develop a transponder the size of a grain of wheat that
# could be attached to a garment until the owner threw it out.
#
# Heretofor, this application has been considered only for security purposes.
#
# The definition of "security", according to the textile industry magazine
# 'Bobbin', has been expanded to include "anti-counterfeit" tracking after
# purchase. [What???]
#
# Could a machine-readable tag on a person's clothing serve many of the same
# tracking purposes an one embedded in the body?
----
Sure, government ca
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.9.8
Qx+v+qiaWMr6lCRuROh7eIjv81fytrvvNMkjwk22l3Ya0j0siEw4wzojUAIVdISV
kNAyc5HowvfmWzbLX2vZm4SkU9is6D7IY2uOfUEdr3rzz6ZdO0A7TVk5a+6EzYKO
7Gxbi3yKtBybs8WlkNVT1agED1g+09kPEJy1IcgdWYrJU/HUcQjoJ1S+vOSfM6lM
geaG9n/LtP7E8diE4/X2eGECfXqtvw==
=fW49
-----END PGP SIGNATURE-----
Rat...@alt.tv.red-dwarf.moderated
search warrant to seize it.
: [snip]
:
: What about the penalties for "unauthorized
: breaking of another's encryption codes?" That
: would criminalize cryptanalysis, the way to verify
: the security of encryption software you buy. "The
: only way to know the strength of a cipher is
: cryptanalysis," says Marc Briceno, a
: cryptography guru at Community ConneXion.
:
: Then there's Kerrey's statement saying "there
: will be" restrictions on what encryption products
: you're permitted to buy from overseas firms. This
: contradicts Justice Department official Michael
: Vatis, who told me at a conference this year that
: the Clinton administration did not want import
: controls. Though Cabe Franklin, spokesperson
: for Trusted Information Systems, says Kerrey was
: misunderstood. "In the briefing afterwards, I found
: out he didn't mean that at all. He meant import
: controls, but more regulation than restriction. The
: same way they wouldn't let a car with faulty
: steering controls in the country. He meant more
: quality control," Franklin says. (I don
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 1.8.7
7aq07FhbFUiJ35QIG2Vvtc5ae+2uhKZU1r9hDJnNpo9jwPPToBcn3iUW+D0HN3Ms
DxFCZn3pSUy9BzGn4M95W/h+5HbdMOyNe+Qnh1wEjbeXYskSCDPBEwjbVaWaSskn
VEx4T92jqGgn7LCC0FwT8bFjuu0yNkhnpYTa2z6Zu+czNtQsMSYlqyUvSnolLX6/
RP6V7cysfaZIn8wkOI==
=2jZO
-----END PGP SIGNATURE-----