Subject: RISKS DIGEST 15.21
REPLY-TO:
[email protected]
RISKS-LIST: RISKS-FORUM Digest Tuesday 2 November 1993 Volume 15 : Issue 21
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Investment program turns into doomsday machine (Meine van der Meulen)
Direct E-Mail: J.S. McBride & Co. (anonymous)
"RSI does not exist" (Gavin Matthews)
Public relations (Phil Agre)
Procrustus (Bob Frankston)
Re: Magnetic Fields in Subway Cars (Peter Debenham, Andrew Marchant-Shapiro)
Re: Fiber Optic Cable Hazards (Bonnie J Johnson)
Re: Breakdown in computerised voter support, Oslo (H?vard Hegna)
Re: Ethernet addresses as port ids (Bob Rahe)
Virus Security Instituate VSI '94 Announcement (A. Padgett Peterson)
ESORICS 94: Call for Papers (Yves Deswarte)
The RISKS Forum is a moderated digest discussing risks; comp.risks is its
USENET counterpart. Undigestifiers are available throughout the Internet,
but not from RISKS. Contributions should be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to
[email protected], with appropriate, substantive
"Subject:" line. Others may be ignored! Contributions will not be ACKed.
The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS,
especially .UUCP folks. PLEASE SEND REQUESTS FOR SUBSCRIPTIONS, archive
problems, and other information to
[email protected] (not automated).
BITNET users may subscribe via your favorite LISTSERV: "SUBSCRIBE RISKS".
Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 15, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
There are also alternative repositories, such as
[email protected] .
If you are interested in receiving RISKS via fax, please send E-mail to
[email protected], phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for
information regarding fax delivery. PLEASE DO NOT USE THOSE NUMBERS FOR
GENERAL RISKS COMMUNICATIONS; instead, as a last resort you may try phone
PGN at +1 (415) 859-2375 if you cannot E-mail
[email protected] .
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
----------------------------------------------------------------------
Date: Tue, 02 Nov 1993 13:43 +0100 (MET)
From:
[email protected]
Subject: Investment program turns into doomsday machine
>From the dutch newspaper "De Volkskrant", 2 November 1993:
The investment fund Groeigarant put the "Black Box" out of order. It was
designed by Ton Jongbloed, former president of Staal Bankiers, to advise
investors. He claimed on long term it would be twice as profitable as
investing in public loans. However the expert system EIS (Electronic
Investment Sector) proved to be a "doomsday machine". Only by disconnecting
it from the mains larger damage could be averted.
Roughly, the principle of the program was: buy when prices go down, sell
when prices go up. This policy was used for several funds selected by
Groeigarant. Several months already, prices on the Amsterdam stock market
are going up. Therefore, EIS issued orders to sell only. It sold almost all
the stocks Groeigarant had, and would have sold even more. The latter would
have led to a very risky situation. Selling stocks not available can lead
to severe losses when forced to deliver (and having to buy at even higher
prices).
Groeigarant says it will base its future investments on fundamental and
technical analysis of the stock market. Luckily, the consequences for the
fund have been kept to a minimum. Severe losses have been prevented. At the
moment the fund mainly possesses money, rather than stocks.
Meine van der Meulen, The Netherlands Organization for Applied Scientific
Research TNO, Department of Industrial Safety,
[email protected].
------------------------------
Date: Mon, 1 Nov 93 10:11:21 xST
From: [Anonymous]
Subject: Direct E-Mail: J.S. McBride & Co.
According to the Internet Business Report 1.3 (page 4), J.S. McBride and
Company are selling access to a database of Internet addresses, including
demographic information. They claim over one million entries. The net
address is
[email protected], and I am sure they would enjoy hearing
from anybody who would like to be removed from the list.
[Equifax revisited? PGN]
------------------------------
Date: Tue, 02 Nov 1993 00:44:16 -0700 (PDT)
From: Gavin Matthews <
[email protected]>
Subject: "RSI does not exist"
The Guardian, 1993-10-29 Friday
Keyboard injury does not exists, judge rules. Angella Johnson
Thousands of keyboards workers suffering the effects of what they believe to
be Repetitive Strain Injury were told by a High Court judge yesterday that the
condition did not exist. He suggested that keyboard users forced to give up
their jobs because of aching muscles and joint were ``eggshell personalities
who needed to get a grip on themselves''.
In a test case ruling that has implications for compensation claims by RSI
victims, Judge John Prosser, QC, declared in the High Court that RSI was
meaningless and has ``no place in the medical books''. He said the condition
was more psychosomatic than physical and rejected a claim for damages by
journalist Rafiq Mughal against his former employers Reuters news agency.
[There's twice as much again and a followup article `Rulings may only
delay claims avalanche' the same length.]
------------------------------
Date: Mon, 1 Nov 1993 22:10:23 -0800
From: Phil Agre <
[email protected]>
Subject: Public relations
A new article by Oscar Gandy sketches the role of computers in the shifting
place of public relations in policy formation in the US, together with some
instances of PR affecting policies about information technology. His very
useful central concept is the "information subsidy". He points out that many
organizations, from the press to the Congress, run on vast amounts of
information, but their ability to generate their own information is limited by
their budgets. PR people and lobbyists, funded by whoever has enough money
and a perceived stake in the outcome, fill the vacuum by supplying information
that is customized to fill the organization's needs while simultaneously
serving the interests of their patrons. The result is a growing
commercialization of the public discourse and the political process, a
development with worrisome implications for the cause of democracy. The full
reference is:
Oscar H. Gandy, Jr., Public relations and public policy: The structuration of
dominance in the information age, in Elizabeth L. Toth and Robert L. Heath,
eds, Rhetorical and Critical Approaches to Public Relations, Hillsdale, NJ:
Erlbaum, 1992.
Phil Agre, UCSD
------------------------------
Date: Tue, 2 Nov 1993 04:15 -0400
From:
[email protected]
Subject: Procrustus
Two minor incidents this week.
Twice I tried to leave my Sky-Gram phone number as a contact number. Once
when getting my car serviced and the other at Children's Hospital. In both
cases the data entry field knew what a phone number was and didn't like this
silly pin and other commentary. Of course, it would allow any extension
number. Or international number. The dark side of data validation and
unimaginative implementations.
My kids have hyphenated names. The hospital's system can't, of course, hack
hyphens. Neither can airline reservation systems. Can anyone explain this?
It's not as if hyphenated names are new. Do systems in the UK exhibit this
kind of silliness?
These observations aren't profound. They just point up the many petty bad
design decisions these systems are rife with.
Of course, my trip to the ER pointed out many other disappointments with the
DP departments. Analog X-Rays that I had to carry from the pediatrician's to
the hospital. The residents on duty had to ask for the same information that
the pediatrician already knew. In fact, since I relieved my wife midway
through the process, I didn't know the answers as well. If the details were
significant they would have affected the treatment. I won't even complain
about the amount of time wasted shuffling around. I'll just chalk this up to
the risks of nontechnology.
Many readers will, I am sure, applaud the hospital's cautious approach to
implementing technology and will point out that I didn't a prescription for a
lethal dosage of the wrong medicine. True. But a lack of knowledge can also
be dangerous. And wasting time is not a feature.
------------------------------
Date: Tue, 02 Nov 1993 13:36:48 +0000 (GMT)
From:
[email protected] (Peter Debenham)
Subject: Re: Magnetic Fields in Subway Cars
Following on from the item in Risks15.20, parts of London's Underground system
has (or at least 2 years ago had) the same problem of the electromagnetic
fields from the trains wiping data from floppy disks. One or two lines were
especially bad where the trains differed from the rolling stock on the other
lines. Whether the new rolling stock being introduced has solved the problem
or made it worse someone else will have to tell. Awareness of the problem was
variable.
Peter Debenham, Rm165, APR, Meteorological Office, London Rd., Bracknell,
Berks., UK. RG12 2SZ +44 (0)344 856974
[email protected]
------------------------------
Date: 2 Nov 93 08:45:00 EST
From: "MARCHANT-SHAPIRO, ANDREW" <
[email protected]>
Subject: Re: Magnetic Fields in Subway Cars (Drzyzgula RISKS-15.20)
In RISKS-15.20, Bob Drzyzgula <
[email protected]> notes his experience
with a paperclip while riding on the Washington Metro. While I was in
DC last spring, I didn't have much opportunity to move disks around,
but I did notice the Metro's emissions. We have a compass in our car
(after living in Chicago, navigating in the East requires one!) and I
could see it jump all over the place when we were traveling near the
Metro; the worst case was when passing OVER the metro tracks.
I'm not at all certain how strong a field is required to change data
on a floppy disk; but I will try an experiment this spring, just to
satisfy myself that it's safe to travel with my notebook!
I must confess that I used to have the same sort of question about the
Chicago Elevated system, and that I never had data erased while I was
using that to commute; In fact, I've never experienced floppy failure
at all; but it sounds like the Metro may be using a different
technology in its motors than the El, so it bears investigation...
Andrew Marchant-Shapiro, Depts of Sociology and Political Science, Union
College, Schenectady NY 12308 (518) 388-6225
[email protected]
------------------------------
Date: Tue, 02 Nov 93 09:55:53 EST
From: Bonnie J Johnson <
[email protected]>
Subject: Fiber Optic Cable Hazards
I read with interest the story about the Telecom Worker who had died from
accidentally getting a piece of fiber into his bloodstream. Since I didn't
see much activity on this list about it, I sent out messages to a Telecom and
Safety list.
You see, we pull, rehab and terminate our own fiber here and I certainly want
to warn our guys of possible hazards.
Some of the feedback I have received so far includes these:
"This sounds like a hazard which would be encountered in glassblowing shops.
Do you have a chem dept. with a glassblower on staff".
"I have been warned that your body does not see glass as a foreign object in
the same way that it sees wood for example. So a glass splinter will not itch
or irritate, and so it will work into your body. Once there it may meander
around and cause fatal problems. I frankly have no idea if this is true, it
was a warning given out at a reputable fiber optic termination class. It
certainly sounds like a good urban legend material".
"In my graduate fiber optics class, we were warned about this when the prof.
passed around some fiber. He told us to be careful to not stick our fingers
with the glass, because it was small enough to get into the bloodstream and
stop your heart. Now whether this is actually true or just a fiber optic
myth/ledgend, I'm not sure. However, I do trust that paticular professor
quite a bit. I don't think he told us that just to hear himself think.....".
Anyone one else get any pertinent personal replies they can pass along?
------------------------------
Date: Tue, 2 Nov 1993 15:15:04 +0100
From: H?vard Hegna <
[email protected]>
Subject: Re: Breakdown in computerised voter support, Oslo
Just some comments and clarifications to the message of Reidar Conradi
of Nov.1 1993 (RISKS-15.20). Basically the message is correct, but:
1) In Norway voters are automatically "registered" and eligible to vote from
the year when they reach 18. They do not have to "pre-register", as is common
in the US. The turn-out normally approaches 80 % of the registered voters in
the general election. "Electorate management" then is the check at the local
polling stations that the voters are in the electorate and that they have not
voted before, there or elsewhere. Most polling stations are placed in the
local public schools.
Oslo is one of 19 constituencies electing several Members of Parliament (MPs).
There are 165 MPs in all, Oslo's 360 000 registered voters elect 16 of them.
2) Two computer based electorate systems were used in this election. Both used
the schools regular PCs to save costs. The system that failed in Oslo was
based on a centralized register, with the PCs acting as terminals. The other
system, used in Bergen (the second largest city) was based on local PCs with
copies of the full register. This system worked well, but with some unexpected
costs. The Norwegian Data Ombudsman insisted that all the PC hard-disks be
replaced after the election, so that no copies or shadow disk images of the
register could escape. It is basic to Norwegian election laws that no-one
shall know who voted. The register itself should, of course, also be under
lock and key.
3) The Oslo voters had received a voting card shortly before the election.
This contained light-pen readable code that greatly simplified checking,
provided the system was running. One could of course vote without the card.
Proof of one's identity may have to be presented.
4) The breakdown in the communication from the schools to the central register
occurred because of what was variously called "a programming error in the
communication equipment", " a configuration error", "a last minute change for
reasons of better performance or functionality", and "a missing full-scale
test".
The communication was based on X.25 and the trouble seems to come from a wrong
setting of X.3/X.29 PAD parameter 3, "Selection of data forwarding character".
A municipal commission of independent experts now studies the organisation,
procedures, user education, and systems of the election from "every angle".
It is not yet clear who commissioned the PAD setting, at what time, for what
purpose and under which control and testing scheme.
5) The Oslo municipal election board did not in fact unanimously recommend a
re-election. Based in particular on the fact that 700 votes cast at one of the
polling stations, had disappeared, they unanimously voted against sanctioning
the result. This left the decision on the question of re-election, to the
Parliament. The 700 votes were not lost as a direct result of the computer
failure, but probably disappeared in the general confusion after the polling
station closed and the counting started.
6) All in all, the election was basically under control. Although the
municipal administration was clearly too optimistic with respect to the
blessings of computer technology, there were enough communication and computer
logs, manual backup routines, paper ballots, and envelopes around, to check
whether the final results where within generally acceptable error bounds.
Except for the one large loss of votes mentioned above, the errors were small
and of the size also expected in a manually run election, according to the
administration. They did not add up to an amount that would influence the
selection among the candidates.
7) The Government proposed last year that a wholly computerized voting system,
with Direct Recording Equipment and no paper ballots, could be tested in the
1993 general Election. This was rejected by the Parliament, partly as a
consequence of pressure from computer specialists, pointing to the US
experience, as reported in RISKS and elsewhere (thank you, all of you). The
1993 experience has done a lot to confirm that rejection.
8) An account of the expectations of the project leader for the Oslo election,
can be found in the "New Scientist" of Sept.11, 1993. One of the high-lights
is the following quote: "An election with only electronic voting can be much
more secure and correct than a paper-based one. But we feel the
(Parliamentary) commitee did not have the necessary knowledge to trust such an
advance in the use of technology."
9) A personal note: I consider the Oslo election a success, in the sense that
it demonstrates wonderfully the necessity of a system of control routines
_outside of_ the computer voting equipment. In particular that some form of
manually controllable paper ballots be available. A ballot that the voter can
read before it is placed in the urn, and that the counting personnel can count
manually as a precaution, or if necessary due to a close race, or an equipment
failure, or public scepticism. All other forms of control have to be based on
computer trust, and on total trust of the computer specialists involved.
As some-one wrote in an Oslo newspaper (Arbeiderbladet, Sept. 28), after the
Parliament decided against a re-election:
"Casting one's vote is as close to a sacred act as one can get in a modern
democratic secular society. The high-priests of modern technology should be
kept at arms length from the more sensitive parts of that act."
Havard Hegna, Norwegian Computing Center, Oslo, NORWAY
[email protected] (A
semi-governmental non-profit computer science research institute)
------------------------------
Date: Tue, 2 Nov 1993 07:55:08 EST
From:
[email protected] (Bob Rahe)
Subject: Re: Ethernet addresses as port ids (Peterson, RISKS-15.20)
In RISKS-15.20
[email protected] (A. Padgett Peterson) writes:
|>While Mr. Rahe is correct as far as a PING is concerned, the actual packets
|>*must* contain the actual hardware address of the sender in order for
|>the host/server to respond. The fact that the real address may be buried
|>a bit in the packet does not mean that it is not there.
Well, no, not true. The actual REAL ethernet address of the sender is
lost, from the receiver's point of view, once the packet passes through a
router (as another poster mentioned in the same digest). The address that IS
passed along inside the packet is the next layer up - the IP address. That
address is TOTALLY software driven and thus useless for identifying a port
in your scheme.
This discussion sort of assumes TCP/IP over ethernet. As was mentioned,
DEC does some things differently and I'm sure there are other schemes, but
the ethernet address isn't there past a router. (And lots of systems can
change their ethernet address anyway).
I'd suggest Comer's book on TCP/IP for a good discussion of the basics of
ethernet and TCP/IP nets.
------------------------------
Date: Tue, 26 Oct 93 10:19:59 -0400
From:
[email protected] (A. Padgett Peterson)
Subject: Virus Security Instituate VSI '94 Announcement
CONFERENCE ANNOUNCEMENT
VSI '94
Philadelphia, Pennsylvania - USA
March 29-30, 1994
Presented by the Virus Security Institute
"A Different Kind of Information Security Conference"
VSI '94 -- two intense days of interactive collaboration focused on the
development of a working information security model appropriate to both the
management and technical challenges of the mid-90s.
Security is not a book of rules; it is an organic and dynamic process.
This principle will be expanded through an agressive combination of speakers,
scenarios and solutions.
VSI '94 is not a hit-or-miss conference. The program is carefully
structured to provide not only state-of-the-art information but practical
techniques that "push the envelope".
DAY ONE: In the morning, industry experts will present a limited number
of papers dealing with state-of-the-art considerations divided into three
areas: scientific, technical, and managerial. This will provide a primer for
what is to follow.
In the afternoon, participants will restructure a traditional organization to
reflect the information security needs of the mid-90s. The Management Track
will address requirements for executives, financial and legal considerations,
operating parameters, policies and procedures, re-engineering, communications
requirements and a five-year plan. The Technical Track will explore tools and
techniques currently available, define requirements and techniques to preserve
vital information that may come under attack from any quarter, automation of
support functions, necessary networking and risk assessment.
Industry experts in each field will be present to make suggestions and offer
examples. The afternoon will be divided into segments for each of the tracks
with a focus provided for each. If the participants fail to reach a concensus
within the segment's alotted time, the legacy baseline will be used on the
next day.
Further planning is encouraged in the bar and at the reception.
DAY TWO: Each of the elements of the restructured model will be examined
and challenged, both by speakers and participants. Management will be given
legal, financial, and stockholder concerns to address. Technical will defend
against attack scenarios ranging from viruses to terrorists to incendiary cows
& leaking tunnels.
PLENARY: A recap of the proceedings analyzing strengths and weaknesses of
the model as developed, challenged, and improved.
PAPERS: We solicit papers/speakers focusing on the subjects of fiendish
attacks, brilliant solutions, organizational indifference, and
prognostication. The focus will be on salvation from the Networks (both
interpretations apply).
SITE: The entire conference floor of the Philadelphia Airport Hilton has
been reserved for VSI '94. Rooms for Birds-of-a-Feather meetings may be
reserved in advance, subject to availability. Facilities will be available
for larger, lengthy formal meetings on Monday, March 28. The hotel is
designed to facilitate "H" (hall) track sessions.
Room Rates: $72/night, single or double. Contact the Hilton (302)792-2700
The Hilton provides a complimentary continental breakfast to all hotel guests.
TRAVEL: Philadelphia International Airport (transportation from airport
provided by the Hilton) is served by most major airlines. Drive time from
either Washington, DC or New York is approximately 2 hours. AMTRAK serves
Philadelphia's 30th Street Station (local train available every half hour to
airport for Hilton pickup). Discounted airfares are available from Sand Lake
Travel (800)535-1116 / (407)352-2808 / FAX (407)352-2908
AMENITIES & AMUSEMENTS: Philadelphia is rich in attractions, from the
Liberty Bell to the Franklin Institute to the Art Museum to the bustling 9th
Street Market. Excellent shopping in both Philadelphia and tax-free Delaware.
Nearby is the famous Brandywine Valley, home of Winterthur, Longwood Gardens
and Andrew Wyeth. A full activities packet will be available to all
registrants.
INFORMATION: For more information, E-Mail or Fax:
EMAIL:
[email protected] (case sensitive)
FAX: (302)764-6186 (include E-Mail address, please)
Honorary/Convening Chairman - Dr. Harold Joseph Highland, FICS
Conference Chair: Pamela Kane Program Chair: Padgett Peterson
[email protected] [email protected]
Founding Members and Directors of the Virus Security Insitute
Vesselin Bontchev
Dr. Klaus Brunnstein
Dr. William Caelli
Jon David
Christoph Fischer
Ross Greenberg
Dr. Harold Joseph Highland, FICS
Pamela Kane
A. Padgett Peterson, P.E.
Yisrael Radai
Fridrik Skulason
Dr. Alan Solomon
------------------------------
Date: Tue, 2 Nov 1993 11:25:07 +0100
From:
[email protected] (Yves Deswarte)
Subject: ESORICS 94: Call for Papers
::::: Yves Deswarte - LAAS-CNRS & INRIA - 31077 Toulouse (France) :::::
:::: E-mail:
[email protected] - Tel:+33/61336288 - Fax:+33/61336411 ::::
European Symposium on Research in Computer Security
Brighton, United Kingdom, November 7th-9th, 1994
ESORICS-94 (European Symposium on Research in Computer Security) is organised
by The IMA in cooperation with AFCET (creator), BCS Security Special Interest
Group, and CERT-ONERA.
AIM AND TOPICS: The aim of this symposium is to further the progress of
research in computer security by bringing together researchers in this area,
by promoting the exchange of ideas with system developers and by encouraging
links with researchers in areas related to computer security, information
theory and artificial intelligence.
Papers are solicited in the following areas:
- Theoretical Foundations of Security-
security models and specifications, contribution of formal logic and
information theory, formal development techniques
- Secure Computer Systems-
operating system security, network security, security management,
virus and worms, contribution of artificial intelligence, contribution
of new architectures and new technologies
- Security in Data and Knowledge Bases-
- Security in other Applications-
transaction systems, process control, real time, distributed
applications
- Cryptography Applications-
authentication, key management, signature
- Security Verification and Evaluation-
formal methods, measure and evaluation of risks, measure and
evaluation of security, criteria, protocol verification
- Software Development Environments for Security-
- Operation of Secure Systems-
management, intrusion detection
- Security versus other requirements
Security and costs, performances, dependability, safety, reliability,...
All application fields are welcome (medical, industrial, financial,
copyright,...) as long as the proposals remain in the scope of
research in computer security.
This list is not exhaustive. Research papers, position papers and panel
proposals will be welcomed.
SUBMISSIONS: Six copies of papers or panel proposals should be submitted
to the program chair by March 25th, 1994 at the following address:
Gerard Eizenberg
CERT-ONERA ESORICS 94
2, avenue E. Belin
B.P. 4025
31055 Toulouse Cedex
France
The texts must be submitted in English. Papers should be limited to
6000 words, full page figures being counted as 300 words. Each paper
must include a short abstract and a list of keywords indicating
subject classification. Notification of acceptance will be sent by
June 24th, 1994, and camera-ready copies will be due on
September 1st, 1994.
Panel proposals should include title, proposed chair, tentative panelists,
a 2 or 3 paragraphs description of the subject, format of the presentation,
and rationale for the panel.
For further information and/or copy of the advance program when available,
send E-mail to Dieter Gollmann at the next address:
[email protected]
or write to:
Pamela Irving
Conference Officer
The Institute of Mathematics and Its Applications
16 Nelson Steet
Southend-on-Sea
ESSEX SS1 1EF
United Kingdom
IMPORTANT DATES:
Submission deadline: March 25th, 1994
Acceptance notification: June 24th, 1994
Camera-ready copy due: September 1st, 1994
GENERAL CHAIR: Roger Needham (University of Cambridge, United Kingdom)
PROGRAM COMMITTEE
CHAIR: Gerard Eizenberg (CERT-ONERA, France)
VICE-CHAIR: Elisa Bertino (Universita di Milano, Italy)
Bruno d'Ausbourg (CERT-ONERA, France)
Thomas Beth (Universitaet Karlsruhe, Germany)
Joachim Biskup (Universitaet Hildesheim, Germany)
Peter Bottomley (DRA, United Kingdom)
Yves Deswarte (LAAS-CNRS & INRIA, France)
Klaus Dittrich (Universitaet Zuerich, Switzerland)
Simon Foley (University College, Ireland)
Dieter Gollmann (University of London, United Kingdom)
Franz-Peter Heider (GEI, Germany)
Jeremy Jacob (University of York, United Kingdom)
Sushil Jajodia (George Mason University, USA)
Helmut Kurth (IABG, Germany)
Teresa Lunt (SRI, USA)
Giancarlo Martella (Universita di Milano, Italy)
Catherine Meadows (NRL, USA)
Jonathan Millen (MITRE, USA)
Emilio Montolivo (Fondazione Ugo Bordoni, Italy)
Roger Needham (University of Cambridge, United Kingdom)
Andreas Pfitzmann (Technische Universitaet Dresden, Germany)
Jean-Jacques Quisquater (UCL, Belgium)
Einar Snekkenes (NDRE, Norway)
ORGANISING COMMITTEE
Dieter Gollmann (University of London, United Kingdom)
Pamela Irving (IMA, United Kingdom)
------------------------------
End of RISKS-FORUM Digest 15.21
************************
