Human-Nets-Request%rutgers@brl-bmd.UUCP (Human-Nets-Request@rutgers) (01/05/84)
HUMAN-NETS Digest Thursday, 5 Jan 1984 Volume 7 : Issue 2
Today's Topics:
Computers and the Law - Big Computer is Watching You (2 msgs) &
How "High Society" gets its two cents,
Computers and People - Japan and US on New Generation computing &
Augmented Global Consciousness
Computer Security - Passwording (2 msgs),
Computer Networks - Usenet
----------------------------------------------------------------------
Date: Mon 2 Jan 84 05:08:51-CST
From: Werner Uhrig <CMP.WERNER@UTEXAS-20.ARPA>
Subject: the IRS welcomes you to 1984 ... (a true story)
*** IRS OBTAINS LIST OF INCOMES TO TRACK DOWN TAX EVADERS ***
-------------------------------------------------------------------
(NY Times Service) -- The IRS has obtained a computerized list of the
estimated incomes of 2 million American households and has
begun to test if the list can track down people who fail to
pay their taxed.
IRS is conducting the test despite the refusal of the 3 major
companies that develop such information to give the government
a list, and over the objections of their trade organization,
the Direct Marketing Association.
In the test, a commercially prepared list of 2 million
households in Brooklyn, NY [exclusive Manhattan]; Wisconsin;
northern Ohio; Indiana; and Nevada will be matched against an
IRS list of people who filed income tax returns for 1982.
All those whose names appear on the commercial list but not
the IRS list will be notified that they are subject to a
revenue service inquiry about their tax liability. The
notices will start going out next spring.
If the test identifies people who file no taxes at all, the
service will try to determine if the same technique can be
used to track whose who underpay. The decision on wether to
use the technique nationwide will be made after 1985.
[ BTW - the company which decided to provide the data to the IRS, the
Dunhill Company of Washington, DC, is not a member of the
Direct Marketing Association, so getting the DMA address from
your local BBB and writing them to request removal of your
name from the files of all their members would not have
helped]
------------------------------
Date: Mon, 2 Jan 84 14:39:25 EST
From: Jonathan Dreyer <jdreyer@BBN-UNIX>
Subject: Thoughtcrime
FBI BOARD CONSIDERS FILE ON SUSPICIOUS PEOPLE
Associated Press
NEW YORK--An FBI advisory board is considering whether to
recommend expanding a national computerized file to contain
information on people who aren't wanted for crimes but are considered
suspicious, the New Your Times reported yesterday.
Under a proposal under consideration, the National Crime
Information center would have information on whether someone was
suspected of organized crime connections, terrorism or narcotics or
was a "known associate" of a drug trafficker, the Times said.
An unidentified top FBI official told the Times a decision on
the matter, first discussed Oct. 6 by the center's policy board, would
not be made for some time.
The proposed enlargement of the FBI's system would, law
enforcement officials said, improve their ability to fight crime,
track wrongdoing and help protect police against dangerous criminals.
According to the agenda of the October meeting, the new
"investigative applications" would represent "a logical progression"
of the national crime center's efforts.
The Times said the most controversial of 15 such applications
was the proposed use of the FBI computer to track "known associates"
of people who are named in warrants for arrest.
Lee Colwell, executive assistant director of the FBI, said FBI
director William Webster wouldn't act on the proposals until he had
carefully and systematically reviewed them, according to the Times.
The policy board has 28 members--21 state and local
enforcement officials, three prosecutors, two judges, a prison
administrator and a probation officer, the Times said.
(from the Boston Globe, January 2, 1984 (!))
------------------------------
Date: 2 January 1984 02:50 EST
From: Jerry E. Pournelle <POURNE @ MIT-MC>
Subject: How "High Society" gets its two cents
I can see how High Society can get paid for calls made to their
number, because the customers are paying; but I am told that
Club Magazine also gets paid for calls made to their 800 number
for "Free Phone Sex". I've been unable to figure out how anyone
makes money by giving out the number for "Free Phone Sex".
------------------------------
Date: 2 January 1984 03:07 EST
From: Jerry E. Pournelle <POURNE @ MIT-MC>
Subject: New Generation computing: Japanese and U.S. views (2 msgs)
Perhaps I have missed your point?
1. Is it your contenton that the United States shold disarm,
or, failing that, simply not provide modern weapons to the armed
forces?
2. Was it your point that the Defense Advanced Redearch Projects
Agency should be engaged in pure research for purely civilian
purposes?
3. Is it your point that defense of Western Civilization is not
"for the good of mankind"? I should have thought that had we
the military power to do so, we might consider it a benefit to
all to dismantle the Gulag, and perhaps guarantee a "freedom of
exodus"; and that would "benefit mankind".
4. Is it your contention that only DARPA is working on advanced
computers in the US?
5. I should have thought that one advantage the Japanese have is
their reliance on the US military for their protection, allowing
them to keep their Self-defense forces comparatively small and
thus inexpensive. Perhaps the US should adopt this policy? Or
is it possible that wealthy nations simply don't need defense?
------------------------------
Date: 4-Jan-84 23:20 PST
From: Kirk Kelley <KIRK.TYM@OFFICE-2>
Subject: Augmented Global Consciousness working definitions
How exactly is a self-referential tele-collaborated simulation to be
modeled? A model for the augmented global consciousness project needs
working definitions. Here are some suggestions.
tele-collaboration, a process of working together from a distance
on a project.
self-referential tele-collaboration, a tele-collaboration on a
model of itself.
For the model, simple difference equations with a time unit of one
year would go pretty far.
model, a set of difference equations designed to compute the values
of a set of variables representing the state of a system for one
unit of time.
simulation, the computation of the equations in a model over time.
change-message, a message that changes the computation in a
tele-collaborated simulation.
life-time (of a tele-collaborated simulation), the number of time
units between the times when the total change-messages are zero.
Collaborators work together from a distance to formulate equations and
compute the life-time of the process. Would such a "consciousness"
ever begin? End?
-- kirk
------------------------------
Date: 30 December 1983 04:20 EST
From: Robert Elton Maas <REM @ MIT-MC>
Subject: Passwords: Is there a better way?
Being required to manually permute whatever the computer throws at you
has several problems. First, it's very painful and prone to error and
frustration. Second, it makes you type slowly so somebody watching you
can see what you're doing, jot it down (with the challange) and figure
out offline your permutation algorithm. Third, it's awful hard to
remember a particular permutation unless it's a trivial one that would
be easy to guess (such as simple rotation or pair-swapping), whereas
even ridiculous passwords like aleminco are relatively easy to
memorize after a little practice. Forth it's considerably harder to
program your microcomputer to log in on your behalf using a
permutation scheme because it must parse the challange-sequence given
by the host in order to figure out what sequence to send. Fifth, just
try documenting this to novice users who never had a math course past
Algebra 1 (haven't the foggiest what a permutation is) and are afraid
of computers!
I think we're stuck with passwords/numbers for direct human
confirmation, or some physical characteristic like fist size when
jammed down on the keyboard or typing speed or fingerprint etc., and
public-key encryption for intelligent-terminal access to host via
packet protocol.
------------------------------
Date: Fri, 30 Dec 83 13:36:57 EST
From: Adam Moskowitz <adamm@BBN-UNIX>
Subject: Passwords: Is there a better way ? (V6 #87)
In Response To: Randy Saunders' message of 23 Dec 1983 01:03 CST
Such a scheme has been discussed for use on such networks as the
ARPA-net and the MILNET. However, the idea was taken, at least on
paper, one step further. Each user would be issued a credit-card-
sized 'encryptor'. When the user logged on, the system would present
him/her with a challenge. The user would then type this challenge
(most likely a 10-12 digit number) into his/her 'encryptor'. The
'encryptor' would permute the challenge via an UNKNOWN algorithm ans
display a reply. The user then types in this reply. Ths system then
permutes the same challenge with the SAME UNKNOWN (except to the
system) algorithm and compares the user's reply to the answer it gets.
This method, if it ever gets implemented, has several advantages: 1)
The user cannot divulge his/her algorithm because s/he DOES NOT KNOW
what it is ! If the user gives away the 'encryptor', s/he now has no
way of gaining access to the system. 2) New 'encryptors' can be
issued when if security is ever breached. Old 'encryptors' then
become obsolete.
I don't know if/when this scheme will ever come to life. I hope I
haven't breached any security restrictions by talking about it, but I
heard it at aa 'open' meeting. It must be OK to talk about it.
AdamM
(adamm @ bbn-unix)
------------------------------
Date: 3 Jan 1984 1618-PST
From: Chuck McManis <MCMANIS@USC-ECLC>
Subject: Passwords etc
The state of the art in terminal design is such that what used to be a
small minicomputer is now regularly included in the terminal as
"smarts." These rather sophisticated microcomputers are capable of any
number of physical parameter analysis given the hardware or even
limited voice recognition capabilities. For instance, if one were to
include a 256K buffer (additional 8 chips) and an Analog to Digital
converter (one chip) And a rather simple Fourier transform algorithim,
you could program your terminal to only go "online" when *you* said
"open sesame!". Also a computer could verify your login by asking the
terminal for the results of its fourier analysis (probably 10 to 20
floating point numbers) and compare them to its files. We all know how
tough it is to get a voice interface to recognize the same word from
more than one person now so I don't see how even a good impressionist,
even if he/she new your passphrase could duplicate it. One might
additionally place a ETM type card reader on any RS232 line for access
verification. Simply slip in your card and login as yourself (with
your password) and poof! you must be physically there or your card
wouldn't be there. If you lose you card, cancel it, and you should be
able to do that before anyone who found it had guessed your password.
Both of these systems are implementable today, in the future I think
we can look forward to a simple thumbprint scanner for verification,
this is a bit tougher due to the image processing constraints and
equipment cost restraints.
--Chuck
P.S. Note that in the above Voice suggestion the floating point
numbers could be encrypted as character strings and the
encryption sent. you could still defeat it by trying to guess
the numbers but 20 10 digit numbers with floating decimal point
could be hard to crack.
------------------------------
Date: 3 Jan 1984 1724-PST
From: Chuck McManis <MCMANIS@USC-ECLC>
Subject: Usenet messages
Another point to consider on the relative quality of usenet vs.
Arpanet messages might be that a large fraction of the ARPA computers
are based in "think tanks" and colleges. Whereas a usenet computer can
be anything from a research computer at some large company to an IBM
pc in someones home. Giving access to an entirely different sort of
computer user.
--Chuck
------------------------------
End of HUMAN-NETS Digest
************************