Subject: RISKS DIGEST 15.35

Subject: RISKS DIGEST 15.35
REPLY-TO: [email protected]

RISKS-LIST: RISKS-FORUM Digest Weds 22 December 1993 Volume 15 : Issue 35

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents: [HAPPY HOLIDAYS!!!]
Airport lessons for InfoSec (Mich Kabay)
Sham CD-ROMs (Mich Kabay)
Smart Cars and Highways (Mich Kabay)
Risky Demo Offer (Rex Wheeler)
"Re-Chipping" Stolen Mobile Phones (Brian Randell)
Interactive TV: electronic democracy, risks to privacy, etc. (John Gray)
Trouble with funny place names (Mark Brader)
Mexico Turns Off Quake Warning System (Frank Carey)
Wireless Laptop Eavesdropping (Andrew Duane)
Re: Harry Erwin on Digital Woes (Lauren Wiener)
Question About Singapore Lottery Crime (Sanford Sherizen)
ISOC Symposium on Network and Distributed System Security (Dan Nessett)

The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
Undigestifiers are available throughout the Internet, but not from RISKS.
Contributions should be relevant, sound, in good taste, objective, cogent,
coherent, concise, and nonrepetitious. Diversity is welcome, but not
personal attacks. CONTRIBUTIONS to [email protected], with appropriate,
substantive "Subject:" line; others may be ignored! Contributions will not
be ACKed; the load is too great. **PLEASE** include your name & legitimate
Internet FROM: address, especially .UUCP folks. If you cannot read RISKS
locally as a newsgroup (e.g., comp.risks), or you need help, send requests
to [email protected] (not automated). BITNET users may subscribe
via your favorite LISTSERV: "SUBSCRIBE RISKS".

Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>YourName<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 15, j always TWO digits).
Vol i summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>"
logs out. The COLON in "CD RISKS:" is vital. CRVAX.SRI.COM = [128.18.30.65];
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
WAIS and [email protected] are alternative repositories.

IF YOU CANNOT GET RISKS ON-LINE, you may be interested in receiving it
via fax; phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for info
regarding fax delivery. PLEASE DO NOT USE THOSE NUMBERS FOR GENERAL
RISKS COMMUNICATIONS; as a last resort you may try phone PGN at
+1 (415) 859-2375 if you cannot E-mail [email protected] .

ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: 14 Dec 93 05:48:02 EST
From: "Mich Kabay / JINBU Corp." <[email protected]>
Subject: Airport lessons for InfoSec

>From the Associated Press newswire through Executive News Service (GO ENS)
on CompuServe:

Airport Security, By JAMES H. RUBIN (Associated Press Writer)

WASHINGTON (AP, 11 Dec 1993) -- Security is so poor at some of the
nation's airports considered vulnerable to terrorists that federal
investigators easily slipped past checkpoints and wandered around
unchallenged.

The article goes on to state that investigators were rarely challenged as they
walked through restricted areas even though they dressed informally and tried
to draw attention to themselves. One agent successfully brought a grenade
through metal detectors and inspection procedures. The inspectors often saw
other unauthorized people in restricted zones.

Apparently security regulations are not taken seriously at many airports; there
are few if any consequences for breaches of security.

Although this story has nothing to do with computer security, I cite it as yet
another example of how important human factors are to security in general.
Management must take security (including information security) seriously and
apply rewards for compliance and punishment for failures. Employees need
security awareness training and security drills. I would like to see
intrusions as a normal part of security testing.

Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn

------------------------------

Date: 14 Dec 93 05:48:35 EST
From: "Mich Kabay / JINBU Corp." <[email protected]>
Subject: Sham CD-ROMs

>From the United Press International newswire via Executive News Service (GO
ENS) on CompuServe:

Woman indicted in CD-ROM scam

SAN JOSE, Calif. (UPI, 10 Dec 1993) -- Federal officials said Friday a
grand jury has indicted a San Jose woman for allegedly importing more than
900 counterfeit CD-ROMs from Hong Kong with the intent to sell them in the
United States. U.S. Attorney Mike Yamaguchi said an indictment for software
piracy had been handed down against Clare Waioi Sham, 29, of San Jose, and
her company, C-88 International Corp.

The article mentions that this is the first software theft indictment
involving CD-ROMs.

Personally, I think the best part of this story is that the person accused of
preparing to sell counterfeit CD-ROMs is named "Sham."

Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn

------------------------------

Date: 14 Dec 93 05:47:43 EST
From: "Mich Kabay / JINBU Corp." <[email protected]>
Subject: Smart Cars and Highways

>From the Washington Post newswire, 12 Dec 1993, through Executive News
Service (GO ENS) on CompuServe:

Smart Car 54, Where Are You?; Washington's Latest Billion Dollar Boondoggle:
Does Anyone Care? (By Marcia D. Lowe)

COMPUTER-EQUIPPED cars driving themselves on automated highways. A scene
out of "The Jetsons?" Not exactly. Smart cars and highways have quietly
emerged as the latest and most expensive proposal to solve the nation's
traffic problems. Government spending on the little-known Intelligent
Vehicle and Highway Systems (IVHS) program is expected to exceed $40 billion
over the next 20 years. (By comparison, in the first 10 years of the
Strategic Defense Initiative, Washington spent $30 billion.) Even more
astonishing is the total lack of organized opposition to the idea, despite
evidence that smart cars and highways may well exacerbate the very problems
they are supposed to solve.
IVHS would put computers in charge of everything from timing the traffic
signals to deciding which route each car should take - and, eventually, to
doing the actual driving. In the early stages, a dashboard screen would
display maps while a synthesized voice would purr directions to the driver.
Later would come the crowning glory of IVHS, the Automated Highway System.
Once commuters keyed in their destination, they could just sit back and
enjoy the ride - maybe even take a nap. Cars would hurtle along, bumper to
bumper, at speeds measured in miles per minute.

The article continues with the following key points:

o $218 million of federal funding in 1993
o claims of improved safety are unproven
o central computer failures could lead to massive accidents
o proponents concerned with limiting liability for failures
o proposed fuel savings from smoother driving could be lost through higher
speeds
o main proponent of scheme is IVHS America, supported by 500 organizations
including IBM, AT&T, Rockwell, General Motors, Chrysler, Ford
o minor attention given to smart public transport, priorities for
high-occupancy vehicles

Participants in RISKS will shudder at the thought of testing computer programs
design to control thousands of cars in lockstep at 200 kph. I wouldn't enjoy
being part of the beta-test population. I wonder how much attention will be
paid to deliberate or accidental interference?

o Presumably information will be transmitted through radio-frequency modems.
What will the unique identifiers be for each car. What happens if two cars
have the same identifier?

o How will partial or total breakdown of the control systems be handled?
Car-to-car signalling?

o What methods will be put into place to prevent spurious instructions from
being accepted by car controllers?

I find the concern with legal liability an alarming indication of where we're
headed.

Good fun for those interested in reliability and security; not so good fun for
early users, I fear.

Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn

------------------------------

Date: Thu, 16 Dec 93 13:10 EST
From: Rex Wheeler <[email protected]>
Subject: Risky Demo Offer

I received an interesting thing in the mail yesterday. It was an unsolicited
advertisement/demo for a mail system to run on a Novel PC LAN. It came with a
disk that included the instructions: 1) Log into your server as SUPERVISOR, 2)
Create a directory for the mail software (In SYS:PUBLIC), 3) copy the contents
of the floppy to the new directory, and 4) Run the install program.

There is also a postcard that you can send in to receive a free t-shirt. All
you have to do is provide your Name, Title, Company, Address, Telephone, Fax,
Signature, and your "unique code number" (which presumably the software will
provide you.)

To sweeten the offer there is another card you can send in to enter to win a
Jeep and other prizes. This card asks for similar information.

If you run the demo and follow the instructions, you will have executed
unknown software from a fully privileged account, and told this company where
to find you and your computers.

Sounds like an great opportunity for a Trojan Horse. The "unique code number"
could also easily contain information that indicates what else is on your
system that may be of interest to this company.

Rex Wheeler [email protected] (365-8705) [email protected]

------------------------------

Date: Wed, 15 Dec 1993 11:52:29 GMT
From: [email protected]
Subject: "Re-Chipping" Stolen Mobile Phones

[Following is the complete text of an article in the 15 Dec 1993 edition of
the (UK)Independent. I am somewhat surprised at the claimed extent of
"re-chipping" of stolen mobile phones, and at the fact of it being legal, but
have no basis on which to dispute the facts as stated. Brian Randell, Dept.
of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU,
UK [email protected] +44 91 222 7923]

LOOPHOLE ON STOLEN PHONES ATTACKED,
Patricia Wynn Davies, Political Correspondent

BRITAIN'S latest crime wave - the reprogramming of hundreds of thousands of
stolen mobile telephones - is legal, while the necessary technology is openly
advertised in newspapers and magazines. Telephones automatically barred from
networks when a theft is reported are re-entering the system in their
thousands after being "rechipped" by people the law does not treat as
criminals.

Robert Maclennan, the Liberal Democrat home affairs spokesman, has written to
Michael Howard, the Home Secretary, urging the closure of the legal loophole.
Organised rings of mobile phone thieves were getting "easy pickings" amounting
to about 350M pounds a year, Mr Maclellan said.

The rechipping process, involving the reprogramming of serial numbers so that
the network no longer recognises the phone as the stolen original, can be
easily accomplished using equipment that can be plugged into an ordinary home
computer.

Chipping services offered by dealers and openly advertised in trade magazines
and newspapers have been defended as a necessary facility for honest customers
buying second-hand telephones from previous owners who have run up bad debts
during the recession. But the biggest beneficiaries appear to be criminals.

The reprogramming racket has provided a ready outlet for small and big-time
thieves - the black market price of up to (pounds) 150 for a stolen cellphone
easily outstrips that of a stolen car stereo - while spawning a mini-industry
of "phone chippers" turning out new sets of chipping software each time a new
model is launched.

Thefts are estimated by the industry to be running at 10,000 a month, more
than 400 each day, while police forces around the country believe they account
for 40 per cent of city-centre car break-ins.

Mr Maclennan has told Mr Howard that the loophole could be easily closed with
a minor amendment to the 1984 Telecommunications Act in the forthcoming
Criminal Justice Bill.

"This is straightforward counterfeit, but astonishingly it is not illegal," he
said. "The police know who many of the crooks are, but cannot touch them."

A similar process of "cloning" a subscribers' serial and telephone numbers
into another person's phone results in innocent subscribers being billed for
fraudulent calls. Both processes render the phone untraceable.

------------------------------

Date: Thu, 16 Dec 93 14:02:33 GMT
From: John Gray <[email protected]>
Subject: Interactive TV: electronic democracy, risks to privacy, etc.

On UK television last night, a regular evening programme, "The Late Show" was
concerned with forthcoming developments in television. This centred around the
potential for high bandwidth and bidirectional communications offered by the
use of optical fibre for cable TV services.

This increase in the number of channels, some with an interactive content
(shopping channels, databases, computer games) would promote the concept of
configurable TV ("MeTV" was the name they chose) which allows the user to
decide what kind of things they wish to watch, and thus they will largely use
only one channel: the one they have configured.

Interestingly, one of the contributors raised the privacy issues: if you know
exactly what TV programmes someone likes watching, then you (or your computer
system) can tailor direct mail (and even TV adverts) to have the maximum
impact. The difference between this and standard audience research is that the
*viewer* builds a profile for the advertiser, when they configure the system.

Also in the programme, an executive for CBS raised the point that if everyone
only subscribes to compilation services, where does the original material
come from? If people select what they view in advance, will they miss out on
things that might entertain and enlighten them. The suggestion was made that
people will retreat much more into their own pursuits and that "community" will
suffer. What happens to people who are too poor to have cable, either because
their neighbourhood isn't cabled, or because they can't afford to subscribe.
They also touched on electronic democracy in this context: if you can't afford
to subscribe, will you have a voice on an equal footing with others?

Finally, a contributor from the EFF suggested that the Internet be used as a
model: the idea of providing these services to form communities controlled by
users rather than by large companies or governments. Sadly, it seems as if the
commercial attractions to advertisers and corporations will win out.

John Gray

------------------------------

Date: Fri, 17 Dec 1993 22:50:00 -0500
From: [email protected] (Mark Brader)
Subject: Trouble with funny place names

In the Usenet newsgroup rec.puzzles, there has been a little discussion
recently of place names with unusual characters. It was suggested
that Westward Ho!, England, was unique for containing the punctuation
mark "!", but then somebody topped this by calling attention to
Saint-Louis-du-Ha! Ha!, Quebec, Canada.

At this point I decided to look these places up in atlases to see
where exactly they are. The one I found Saint-Louis-du-Ha! Ha! in
was the Rand McNally Road Atlas, 1991 edition.

In the index, the place is spelled... "St.-Louis-du-Ha90 Ha90".

Mark Brader Toronto utzoo!sq!msb [email protected]

(P.S.: Westward Ho! is on the north coast of Devon, more or less
straight north of Plymouth. Saint-Louis-du-Ha! Ha! is about halfway
between Riviere-du-Loup, Quebec, and Edmundston, New Brunswick.)

------------------------------

Date: Sun, 19 Dec 93 15:21:52 EST
From: [email protected] (F E Carey +1 908 949 8049)
Subject: Mexico Turns Off Quake Warning System

Mexico's earthquake warning system has been turned off after failing at least
twice since it went into operation in August. In October a quake measuring
6.8 on the Richter scale hit but the alarm didn't sound. In November a false
alarm went out on a calm Tuesday evening. Technologically, the system is
fairly simple. Solar powered seismic detectors signal a desktop Olivetti.
Radio stations receive signal directly from the Olivetti system and broadcast
warbling tones like something from a science fiction movie. Professor of
Engineering Juan Manuel Espinosa Aranda, head of the warning system, said it
was tested for two years before going into operation. He said the two
failures resulted from simple, though lamentable, errors adding that it is
better to have a warning - even if it might be false - than simply to let
nature take its course. Not all share his view. Cinna Lomnitz, a seismology
professor, said: "Basically, this is an experimental system that should not be
broadcast to the public right off the bat. Indirectly, these people have
damaged our reputation as seismologists." Luis Abraham Villa, an office
assistant, said: "It creates collective hysteria. It really affects the older
people. They go crazy."

Reported in The New York Times, 12/19/93

Frank Carey at Bell Labs [email protected]

------------------------------

Date: Mon, 20 Dec 93 15:47:00 EST
From: [email protected] (Andrew Duane USG/PE)
Subject: Wireless Laptop Eavesdropping

I just saw a blurb on "The Computer Chronicles" about the last Comdex show,
which focussed on portables, laptops, notebooks, and accessories for them. One
new product, whose name I didn't catch ("AirLink"?) was a wireless device that
automatically downloads all of your modified files as soon as you get within
30 meters of your PC. There is no user interface at all. It even works through
walls.

The possibilities for data theft are endless. Apparently, there is not even a
warning that downloading is occurring. It seems that once these are common, an
industrial spy could wander O'Hare airport and download a lot of files if
he/she were so inclined.

Does anyone have more information on this product?

Andrew L. Duane, Digital Equipment Corporation USG Kernel Scalability
Nashua, NH 03062-2698 603-881-1294 [email protected]

------------------------------

Date: Thu, 16 Dec 93 17:38:23 -0800
From: Lauren Wiener <[email protected]>
Subject: Re: Harry Erwin on Digital Woes (RISKS-15.34)

I was certainly interested to read Mr. Erwin's contribution. "Digital Woes"
is intended to highlight a widespread problem to an audience that is
essentially oblivious to such matters (certainly not the RISKS audience!).
While the problem of unreliable and overly costly software is undeniably
widespread, it would be simple-minded to insist that it is universal.
Categories are ordinarily fuzzy; exceptions make life interesting, after all.
(I myself am having the pleasure, at present, of working for folks who write
specs!)

It is entirely possible that the project Mr. Erwin describes is such an
exception. If so, let me add my congratulations to Mr. Distaso's. However, I
am curious to learn more about this project -- especially if it *was*
exceptional. In particular, I am curious to learn:

* What was the purpose of the software?

* What was it supposed to do?

* Was the product actually used in real-world situations, as opposed to
testing?

* Were the acceptance tests specified in advance? Were they available to the
developers to use as they developed the software?

* If the product was used beyond testing, did it satisfy the real-world
requirements as well as the tests?

* If the project was a contract with the U. S. gov't, was it in the interests
of both the subcontractor and the government to declare the project a
success? Did this equate to a big career win for all the parties involved?
(Unfortunately, the incentives are often such that it is in the interests of
neither party to point out weaknesses in the product. This kind of
arrangement can make such congratulatory letters sound a bit hollow.)

It is entirely possible, of course, that the project Mr. Erwin describes had
none of these weaknesses, and was in fact a true and marvelous success. All
the more reason to learn more about it, if possible. It would be wonderful to
isolate even one factor that could help the rest of us.

------------------------------

Date: Mon, 20 Dec 93 19:03 EST
From: Sanford Sherizen <[email protected]>
Subject: Question About Singapore Lottery Crime

I am trying to find some detailed information about a recent case in Singapore
where a systems person who worked for the national lottery was able to fix or
determine in advance the winning number and tip off a friend who placed a bet.
The individuals were recently found guilty and sentenced. If anyone knows the
details, please post on RISKS or send to me. Thanks.

Sanford Sherizen Data Security Systems Natick, Massachusetts

------------------------------

Date: Mon, 20 Dec 1993 11:29:21 -0800
From: [email protected] (Dan Nessett)
Subject: ISOC Symposium on Network and Distributed System Security

Wednesday, February 2

6:00 P.M. - 8:00 P.M.
Registration and Reception

Thursday, February 3

7:30 A.M.
Continental Breakfast
8:30 A.M.
Opening Remarks
9:00 A.M.
Session 1: Electronic Mail Security
Chair: Steve Kent (BBN)
Certified Electronic Mail, Alireza Bahreman (Bellcore) and Doug Tygar
(Carnegie Mellon University), USA
Privacy Enhanced Mail Modules for ELM, Selwyn Russell and Peter
Craig, Queensland University of Technology, Australia
Management of PEM Public Key Certificates Using X.500 Directory
Service: Some Problems and Solutions, Terry Cheung, Lawrence
Livermore National Laboratory, USA
11:00 A.M.
Session 2: Panel: Public Key Infrastructure, Santosh Chokhani (MITRE),
Michael Roe (Cambridge University), Richard Ankney (Fischer, Intl.)
Chair: Miles Smid (NIST)
2:00 P.M.
Session 3: Protocols
Chair: Tom Berson (Anagram Labs)
Paving the Road to Network Security, or The Value of Small Cobblestones,
H. Orman, S. O'Malley, R. Schroeppel, and D. Schwartz, University of
Arizona, USA
A Complete Secure Transport Service in the Internet, Francisco Jordan
and Manuel Medina, Polytechnical University of Catalunya, Spain
3:30 P.M.
Session 4: Internet Firewall Design and Implementation
Chair: Jim Ellis (CERT)
Inter-LAN Security and Trusted Routers, Pal Hoff, Norwegian Telecom
Research, Norway
Trusted to Untrusted Network Connectivity: Motorola Authenticated
Internet Access -- MANIAC(TM), Bill Wied, Motorola, USA
BAfirewall: A Modern Firewall Design, Ravi Ganesan, Bell Atlantic, USA
A Network Perimeter With Secure External Access, Frederick Avolio and
Marcus Ranum, Trusted Information Systems, USA
7:00 P.M.
Banquet

Friday, February 4

8:30 A.M.

Session 5: Panel: All Along the Watchtower: Experiences and Firefights
Managing Internet Firewalls, Bryan Boyle (Exxon Research), Brent
Chapman (Great Circle Consulting), Bill Cheswick (AT&T Bell Labs),
Allen Leibowitz (Warner-Lambert), Paul Vixie (Vixie Enterprises)
Chair: Marcus Ranum (TIS)
10:30 A.M.
Session 6: Issues in Distributed System Security
Chair: Cliff Neuman (USC-ISI)
CA-Browsing System -- A Supporting Application for Global Security
Services, Denis Trcek, Tomas Klobucar, Borka Jerman-Blazic, and Franc
Bracun, Jozef Stefan Institute, Slovenia
The X.509 Extended File System, Robert Smart, CSIRO Division of
Information Technology, Australia
Auditing in Distributed Systems, Shyh-Wei Luan (VDG, Inc.) and Robert
Weisz (IBM Canada Laboratory), USA/Canada
1:30 P.M.
Session 7: Authentication
Chair: Dave Balenson (TIS)
The S/KEY(tm) One-Time Password System, Neil Haller, Bellcore, USA
A Technique for Remote Authentication, William Wulf, Alec Yasinsac,
Katie Oliver, and Ramesh Peri, University of Virginia, USA
Remote Kerberos Authentication for Distributed File Systems: As
Applied to a DCE DFS-to-NFS File System Translator, Thomas Mistretta
and William Sommerfeld, Hewlett-Packard, USA
3:30 P.M.
Session 8: Panel: IP Security Alternatives, K. Robert Glenn (NIST), Paul
Lambert (Motorola), David Solo (BBN), James Zmuda (Hughes)
Chair: Russell Housley (Xerox)

PROGRAM CO-CHAIRS

Russell Housley, Xerox Special Information Systems
Robert Shirey, The MITRE Corporation

GENERAL CHAIR

Dan Nessett, Lawrence Livermore National Laboratory

PROGRAM COMMITTEE

Dave Balenson, Trusted Information Systems
Tom Berson, Anagram Laboratories
Matt Bishop, University of California, Davis
Ed Cain, U.S. Defense Information Systems Agency
Jim Ellis, CERT Coordination Center
Steve Kent, Bolt, Beranek and Newman
John Linn, OpenVision Technologies
Clifford Neuman, Information Sciences Institute
Michael Roe, Cambridge University
Robert Rosenthal, U.S. National Institute of Standards and Technology
Ravi Sandhu, George Mason University
Jeff Schiller, Massachusetts Institute of Technology
Peter Yee, U.S. National Aeronautics and Space Administration

BEAUTIFUL SAN DIEGO

The Symposium venue is the Catamaran Resort Hotel, providing 7 acres of
gorgeous surroundings, facing Mission Bay and only 100 yards from
beautiful Pacific Ocean beaches. Spouses and family members can catch a
convenient Harbor Hopper for a quick trip to Sea World. After the
Symposium, plan to spend the weekend visiting La Jolla, the world
famous San Diego Zoo or Mexico, only 30 minutes by car or Trolley.

A limited number of rooms have been reserved at the Catamaran for the
very special rate of $77 single, $87 double. Reservations, on a space
available basis, can be made by calling (800) 288-0770 and indicating you are
attending the ISOC Symposium. Reservations must be made before Jan. 1,
1994 to ensure this rate.

CLIMATE

February weather in San Diego is normally very pleasant. Early morning
temperatures average 51 degrees while afternoon temperatures average 67
degrees. Generally, a light jacket or sweater is adequate during February;
although, occasionally it rains.

TRANSPORTATION

San Diego International Airport is 10 miles (15 minutes) from the
Catamaran Hotel. Supershuttle operates a continuous service between the
airport and the hotel: fare is $6.00. When you arrive at the airport, use the
free Supershuttle phone. Taxi fare between the airport and the hotel is $20.
The Catamaran charges $6 per day for parking.

REGISTRATION FEES

Postmarked Subsequent
by Jan. 1 registration

$305 $350

No refunds after Jan. 20.

REGISTRATION INCLUDES

- Attendance - Symposium Proceedings
- Reception - Banquet
- Luncheons - Coffee Breaks

On-site registration is available Wednesday evening at the reception, and
Thursday morning at the Symposium. For more information on
registration and local arrangements contact Dan Nessett at (510) 422-4033
or [email protected].

SYMPOSIUM REGISTRATION FORM

Name ________________________________________________

Affiliation__________________________________________

Name on Badge _______________________________________

Vegetarian Meals?____________________________________

Mailing Address _____________________________________

_____________________________________________________

_____________________________________________________

(Area Code)Phone # ___________________________________

Email Address _______________________________________

Make check (credit cards not accepted) payable to SNDSS94. (Registration is
not effective until payment is received). Mail to: ISOC Symposium, C/O
Belinda Gish, L-68, Lawrence Livermore National Laboratory, Livermore,
CA. 94550.

------------------------------

End of RISKS-FORUM Digest 15.35
************************