Subject: RISKS DIGEST 17.33

RISKS-LIST: Risks-Forum Digest  Friday 8 September 1995  Volume 17 : Issue 33

  FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
  ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for further information, disclaimers, etc.       *****

 Contents:
Virtual reality damages vestibular-ocular reflex? (Daniel P. B. Smith)
Sony satellite dishes REMOTELY reprogrammable? (Robert L Krawitz)
Password cracking 'improves' security (Duncan Booth)
Total data loss (T H Pineapple)
Viruses Plague Microsoft Programs (Edupage)
Word Macro virus, platform crossing, and VBA (Rob Slade)
Re: Two Way HOV Lane (Bill Hefley)
"Computers Ethics and Social Values" by Johnson/Nissenbaum (Rob Slade)
Cybersobriety/new book: Democracy & Technology (R.E. Sclove)
Software Assessment: Reliability, Safety, Testability (Friedman and Voas)
Network Security '95, final program information (SANS'95)
ABRIDGED info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 7 Sep 1995 21:51:25 -0400
From: [email protected] (Daniel P. B. Smith)
Subject: Virtual reality damages vestibular-ocular reflex?

Electronic Engineering Times, 14 Aug 95, has an article entitled "Neural VOR
predicts illness." According to the article, "A complete model of the
vestibular-ocular reflex (VOR) was demonstrated here at the World Congress
on Neural Networks.  The neural-network-based model accurately mimics not only
the behavior of a VOR but the abnormal behavior of damaged VORs.
Separately, the author estimates that at least two months' exposure to
inaccurate virtual-reality simulations could damage healthy VORs."

Choose your interpretation... does this highlight a RISK of virtual reality,
or a RISK of drawing real-world conclusions from computer modelling?

Daniel P. B. Smith  [email protected]

------------------------------

Date: Fri, 8 Sep 1995 09:19:21 -0400
From: Robert L Krawitz <[email protected]>
Subject: Sony satellite dishes REMOTELY reprogrammable?

An article in the _Boston Globe_ 8 Sept 1995 mentioned that some Sony
miniature satellite dishes have a problem, the nature of which is that the
screen freezes and the audio drops for a second or two.  What raised my
eyebrows was a comment by a Sony official that the company is investigating
the possibility of downloading a fix into the dishes (the problem is
apparently software in nature, with the result being that the tuner doesn't
lock properly).  This would require no action on the part of users, and the
TV set (in the words of the article) would not need to be on when the fix
was downloaded for it to have effect.

If the official knew that this kind of remote reprogramming facility exists
(as opposed to this person being a PR flack just blowing smoke), well, the
possibilities may be left to the imaginations of my fellow RISKS readers.

Robert Krawitz <[email protected]>, Member of the League for Programming Freedom
-- mail [email protected] Tall Clubs International -- [email protected]

------------------------------

Date: Thu, 07 Sep 1995 09:52:54 +0100
From: Duncan Booth <[email protected]>
Subject: Password cracking 'improves' security

The following extract is from an advertisement for a program called WDPass:

       Never lose your passwords again. For many organisations the
       major deterrent to using the security features in programs
       such as WordPerfect and Lotus 1-2-3 is the fear of
       rendering crucial files inaccessible by losing or
       forgetting passwords. It is logical to have an immediate
       solution to recovering passwords and enhancing security.

       WDPass can immediately recover lost passwords and, thus
       access locked files allowing users to feel secure in using
       passwords to lock confidential files.

       [Ingram Micro Services advertisement in September 1995 issue
       of Connectivity (a newsletter published by the PC User Group)]

The program claims to work for a variety of WordPerfect, Microsoft, Lotus
and Borland file formats. I find it hard to believe that anyone could read
this advert and think that buying a program that breaks the passwords on all
of their files will make the confidentiality of their data more secure, but
the risk is that out there are some senior executives gullible enough to
think that this allows them to rely entirely on password protection of
documents instead of more traditional locks and keys.

Duncan Booth, RCP Consultants Ltd, Didcot, OXON UK     [email protected]

------------------------------

Date: Fri, 8 Sep 95 12:17 BST-1
From: [email protected] (T H Pineapple)
Subject: Total data loss

If you're returning a hard disk to a data recovery firm, do make sure
the couriers don't wind up having their van hijacked...

dude://[email protected]. Netsurf & Opticality. [email protected]
http://www.thenet.co.uk/~almat/ [ photogenics ] [ windows '95 companion ]

  [Yes, in case you are wondering.  It REALLY happened.
  The details are being withheld because of forensics and legal
  processes.  Stay tuned.  Maybe we will hear some more later.  PGN]

------------------------------

Date: Fri, 1 Sep 1995 04:24:21 -0400 (EDT)
From: Educom <[email protected]>
Subject: Viruses Plague Microsoft Programs (Edupage, 31 Aug 1995)

A strange virus is invading documents created with Microsoft's popular Word
program.  While it doesn't destroy files or cause serious damage, it changes
files into templates, which can then be awkward to work with or transfer.
Microsoft is distributing a fix that gets rid of the virus and inoculates
against future contamination, available through help lines or at
<http://www.microsoft.com>.  (Wall Street Journal 30 Aug 95 B2) Meanwhile,
some would-be Windows 95 users are complaining that they get stuck after the
first disk.  A Microsoft spokeswoman says that a virus already on the users'
computers is at fault -- when it's activated by the first Windows 95 disk,
it prevents any other disks from being installed.  Details on how to fix the
problem will be forthcoming, but meanwhile, users who install the program
via floppy disk should use a virus checker to scan their systems first and
set the write-protect tab on their program disks before installing them.
(Houston Chronicle 31 Aug 95 C1)

Edupage is written by John Gehl ([email protected]) & Suzanne Douglas
([email protected]).  Voice:  404-371-1853, Fax: 404-371-8057.

------------------------------

Date: Wed, 06 Sep 1995 00:34:48 EST
From: "Rob Slade" <[email protected]>
Subject: Word Macro virus, platform crossing, and VBA

In regard to the recent postings on the Word.Macro/WinWord.Concept virus by
Paul Ducklin, Gene Spafford and others, there are some related developments
of note.

As the postings have said, the concept of macro or interpreted viral
"programs" has been known, experimented with and theorized for some time.  A
major factor in the success of such a virus is a "critical mass" of
compatible systems.  For a time the Rexx language appeared to be poised on
the brink of "success" as a cross platform macro environment, and currently
there is interest in MIME (Multi-purpose Internet Mail Extensions).  Neither
of those systems, however, has yet become a major player.

By a quirk of chance I have recently reviewed a number of books on
Microsoft's Visual Basic.  All of them have mentioned Microsoft's move
towards Visual Basic for Applications, or VBA.  This is to be a fully
compatible programming/scripting/macro environment replacing and augmenting
the various macro functions in Microsoft products.  Once VBA is implemented,
a macro virus would not merely be able to spread from WinWord to MacWord
documents, but to Excel, Access, FoxPro and a host of other applications as
well.  Indeed, from the information in the books, Microsoft is interested in
licensing VBA to other developers for inclusion in non-MS applications.

Perhaps it's time to turn off the macro "autoload" capabilities in all
your applications?

[email protected]    [email protected]    [email protected]
Author "Robert Slade's Guide to Computer Viruses" 0-387-94311-0/3-540-94311-0

  [Hey, folks, this is not really a virus.  It is a Trojan horse, akin to
  the letter bombs of yore that contained squirreled nonprinting characters.
  As a reminder, we had a fine discussion in RISKS-16.55 and 56, begun by
  Mike Crawford, on the risks of Trojan horses in PostScript files.  PGN]

------------------------------

Date: Wed, 30 Aug 95 11:57:49 EDT
From: Bill Hefley <[email protected]>
Subject: Re: Two Way HOV Lane (Weinstock, RISKS-17.30,32)

My colleague, Chuck Weinstock, recently reported to this forum a terrible
accident that happened here in Pittsburgh, PA, regarding a head-on collision
between two vehicles travelling in opposite directions on a high occupancy
vehicle (HOV) lane.  Several people were killed in this accident, and two
individuals remain hospitalized.  This HOV lane is supposedly only open in
one direction at a time.

There are three new developments in this incident, according to last night's
news:

1) There have been news reports of at least three other incidents of cars
travelling in both directions simultaneously in the HOV lane--three more
potential head-on crashes occurring just since the fatal accident last week.

2) An employee of the state department of transportation (PennDoT) who had
been responsible for manually opening and closing the gates and turning
on/off the signs to control access to the HOV lane was fired yesterday.  His
attorney reportedly admitted that he had opened the south end of the lane
before closing the north end (in violation of procedure) and then lied to
investigators by claiming that he had followed procedures.  There may be
criminal charges filed against the former PennDoT employee.

3) PennDoT reportedly is planning to spend a million dollars to upgrade the
control system and signage for this HOV lane.  According to the news
reports, it sounds like they are planning to put into a central location a
set of manually-operated switches to control the gates and signs, much as
they are manually controlled in the field by a single operator now.

IMHO, I'd have serious concerns about this sort of "automated" control
system coupled with the use of a manual checklist. The same potential
problem for human error or failure to follow the checklist could still
exist, if the appropriate safety mechanisms are not built in.  The only
difference is that the problem has now merely moved from the physical gate
and sign devices to a control panel in a central facility.  All one needs to
do is look at the prior literature on human error in control rooms to
validate this concern.

For example, in the nuclear power industry, estimates of human error (as a
percentage of system failures) range from twenty to sixty-five percent
[Moray88].  Within a particular type of system, operating power plants, 15
to 30% of reported events occurring during operation involved a human error
component [Griffon-Fouco87].  Of these events:

--  approximately 80% occur during operation and periodic tests
--  about 50% occur in the control room
--  almost 40% of these errors are evidenced by inappropriate user
    actions [Griffon-Fouco87].

Related studies [Meclot & Griffon-Fouco88] have indicated a number of deep
causes of these human failures.  Although sixty-two percent of the
significant incidents can be attributed to the ergonomics of the workplace
and the organization of the work, another fifty-six percent can be
attributed to failure to follow procedures (26%), content of procedures
(16%), task complexity (11%) and the form of the procedures (3%).

Taken from these prior studies, procedure following in a control room is
still far from perfect reliability--human error can still occur.  I hope
that PennDoT does more than just add in switches to manually control the HOV
lane, and also incorporates appropriate interlocks into their control room.

References:

Griffon-Fouco, M., & Ghertman, F. (1987). Data Collection on Human Factors.
In J. Rasmussen, K. Duncan, & J. Leplat (eds.), New Technology and Human
Error [Chap. 18]. (B. Wilpert, Series Ed.) (New Technologies and Work). (pp.
193-207). Chichester, UK: John Wiley & Sons.

Meclot, B., & Griffon-Fouco, M. (1988). L'Analyse des Incidents et
L'Interface Homme-Machine. In Man-Machine Interface in the Nuclear Industry
[IEAE-CN-49/34]. Tokyo, Japan. (IAEA Proceedings Series). (pp. 51-60).
Vienna, Austria: International Atomic Energy Agency.

Moray, N. P., & Huey, B. M. (eds). (1988). Human Factors Research and
Nuclear Safety. Washington, D. C.: National Academy Press.

    Bill Hefley - Senior MTS, Software Engineering Institute, Carnegie
    Mellon Univ. Pittsburgh, PA 15213  +1-412-268-7793  [email protected]

    [Note added on 8 Sept 1995: The fired worker has now been charged with
    involuntary manslaughter and faces as much as 31 years in prison. Not
    only did he open the gates in the wrong order, but he knew of the
    accident and failed to radio it in or offer assistance, his fire
    extinguisher, or any help.  BH]
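
The kind of interlock the post above asks for, sketched as an added example that is not part of the original message and does not describe any PennDoT system: each operator command is checked against sensed gate state rather than a checklist. The end names, the sensor model and the lane-sweep confirmation step are assumptions made for illustration.

```python
from enum import Enum


class Gate(Enum):
    CLOSED = "closed"
    OPEN = "open"
    UNKNOWN = "unknown"   # sensor fault or gate mid-travel: treated as unsafe


class InterlockError(Exception):
    """Raised when an operator command would violate the interlock."""


OPPOSITE = {"north": "south", "south": "north"}


class HovLaneController:
    """Hypothetical controller for a reversible lane with a gate at each end."""

    def __init__(self):
        # Sensed state (e.g. from limit switches), not the commanded state.
        self.sensed = {"north": Gate.CLOSED, "south": Gate.CLOSED}
        # True only after a sweep made while both ends were sensed closed.
        self.lane_clear = False

    def report_sensor(self, end, state):
        self.sensed[end] = state
        if state is not Gate.CLOSED:
            self.lane_clear = False   # any non-closed gate invalidates the sweep

    def confirm_lane_clear(self):
        if any(s is not Gate.CLOSED for s in self.sensed.values()):
            raise InterlockError("sweep rejected: an entrance is not sensed closed")
        self.lane_clear = True

    def open_end(self, end):
        other = OPPOSITE[end]
        if self.sensed[other] is not Gate.CLOSED:
            raise InterlockError(
                f"open {end} rejected: {other} end sensed {self.sensed[other].value}")
        if self.sensed[end] is Gate.OPEN:
            return                     # already open in this direction
        if not self.lane_clear:
            raise InterlockError(f"open {end} rejected: lane not confirmed clear")
        self.report_sensor(end, Gate.OPEN)   # simulated actuator plus sensor

    def close_end(self, end):
        self.report_sensor(end, Gate.CLOSED)  # closing is always permitted


def run(actions):
    """Apply (verb, end) operator actions in order; return one outcome per action."""
    ctl = HovLaneController()
    outcomes = []
    for verb, end in actions:
        try:
            if verb == "open":
                ctl.open_end(end)
            elif verb == "close":
                ctl.close_end(end)
            elif verb == "sweep":
                ctl.confirm_lane_clear()
            elif verb == "fault":
                ctl.report_sensor(end, Gate.UNKNOWN)
            else:
                raise ValueError(verb)
            outcomes.append("ok")
        except InterlockError as exc:
            outcomes.append(f"REJECTED: {exc}")
    return outcomes


# Constructed action sequences. OUT_OF_ORDER opens one end before the other
# has been closed, then tries to reverse direction without a sweep.
PROCEDURE = [("sweep", None), ("open", "north"), ("close", "north"),
             ("sweep", None), ("open", "south")]
OUT_OF_ORDER = [("sweep", None), ("open", "north"), ("open", "south"),
                ("close", "north"), ("open", "south")]
SENSOR_FAULT = [("fault", "north"), ("sweep", None), ("open", "south")]

if __name__ == "__main__":
    for name, seq in [("procedure", PROCEDURE), ("out of order", OUT_OF_ORDER),
                      ("sensor fault", SENSOR_FAULT)]:
        print(name, run(seq))
```

Moving the switches to a central panel changes none of these outcomes unless the panel enforces the same checks; a gate whose state is unknown is handled exactly like an open one.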

------------------------------

Date: Sat, 02 Sep 1995 00:42:25 EST
From: "Rob Slade" <[email protected]>
Subject: "Computers Ethics and Social Values" by Johnson/Nissenbaum

BKCMETSV.RVW   950609

"Computers, Ethics & Social Values", Johnson/Nissenbaum, 1995, 0-13-103110-4
%A   Deborah Johnson
%A   Helen Nissenbaum
%C   One Lake St., Upper Saddle River, NJ   07458
%D   1995
%G   0-13-103110-4
%I   Prentice-Hall, Inc.
%O   +1-201-236-7139 fax: +1-201-236-7131 [email protected]
%P   714
%T   "Computers, Ethics & Social Values"

Johnson's earlier book, "Computer Ethics" (cf. BKCMPETH.RVW), may be considered
the preeminent work in the field.  This collection of papers, co-edited with
Nissenbaum, enhances, but does not extend, that prior work.

Ethical problems may be divided into a number of groups in the computer world.
Three stand out in particular.  Some dilemmas arise from a conflict of agreed
"good" values.  These are the situations described in moral scenarios:  should
the poor man steal the medicine necessary to cure his wife from the inventor
who will not reduce his price.  A second class have to do with unknown or
unpredictable situations.  In the non-computer world, an example would be
megaprojects of unknown environmental impact.  The third grouping would include
situations where a vast majority hold to a certain standard of behaviour, while
a minority act otherwise.  Cults and certain brands of terrorism would fall
into this category.

Most non-computer ethical discussion is directed at the first class of
problems, and most works on morality in computing follow suit.  The articles in
this book go a bit further.  Chapter five, and parts of six and seven, raise
issues related to group two problems.  The ethical analysis is, however,
limited and tentative.  The inclusion of articles by Stallman, and Dorothy
Denning's interview with Frank Drake, would seem to be an attempt to discuss
the third type of issues.  The bulk of the work, though, speaks with a single
voice from the position of conventional morality, yet fails to address
realistically the problem of bringing outsiders into the fold.

The papers seem to have a fair distribution between academic and popular works.
Be forewarned:  some of the latter have a Saturday-magazine level of accuracy
to the information.  Non-American readers should note a heavy reliance on
American case and constitutional law, although most discussions are
sufficiently detailed as to raise common law issues.

copyright Robert M. Slade, 1995   BKCMETSV.RVW   950609
Vancouver Institute for Research into User Security, Canada V7K 2G6
[email protected]  [email protected]  [email protected]

------------------------------

Date: Tue, 29 Aug 1995 13:08:17 -0500 (EST)
From: [email protected]
Subject: Cybersobriety/new book: Democracy & Technology

 Richard E. Sclove, _Democracy and Technology_
 (New York: Guilford Press, 1995).
 Paperback ISBN 0-89862-861-X; hardcover ISBN 0-89862-860-1.

The book develops a constructive agenda for democratizing all domains of
technology--ranging from household to workplace, government, urban
infrastructure, medicine, farming, etc.

[For further information, contact
  Dick Sclove, Executive Director, The Loka Institute, P.O. Box 355,
  Amherst, MA 01004-0355, USA  413 253-2828; Fax 413 253-4942
  [email protected]  World Wide Web: http://www.amherst.edu/~loka/
or [email protected].  PGN]

------------------------------

Date: 29 Aug 1995 16:52:39 -0800
From: "Friedman, Michael A" <[email protected]>
Subject: Book: Software Assessment: Reliability, Safety, Testability

 Book: Software Assessment: Reliability, Safety, Testability
 Authors:  Michael A. Friedman & Jeffrey M. Voas
 Publisher:  John Wiley & Sons, New York (1-800-225-5945)
             ISBN 0-471-01009-X; Hardbound, $54.95

Is software quality testing really effective or just a waste of time?  The
skeptics conclude that it is an exercise in futility to try to measure the
reliability and safety of these complex systems under all critical
circumstances.  They contend that quality assurance comes only through a
strict adherence to rigorous development process models.  In this
groundbreaking book, Michael Friedman and Jeffrey Voas dispel that myth.
They demonstrate that extremely accurate, cost-effective software quality
testing can now be a reality, thanks to powerful new analytical tools.
Central to the approach outlined in Software Assessment is an assessment
optimization technique called testability analysis.  Pioneered at the
College of William and Mary and NASA by Jeffrey Voas, testability analysis
predicts the likelihood that latent bugs will be detected through testing.
Because no test oracle is required, testability analysis can be automated.
The book offers a balanced presentation of theory and practice.  Featuring
exhaustive coverage of the foundations of reliability, safety, and
testability, it uses real-world examples, illustrations, and clear
descriptions to explore all of the latest techniques for assessing those
qualities.

Contents

Introduction
1.  The Balls and Urn View of Software Testing
2.  The PIE Assessment Model of Software Testability I
3.  The PIE Assessment Model of Software Testability II
4.  Designing Toward the Tester's Utopia
5.  Software Safety
6.  Assessment of Safety-Critical Software Units
7.  Software Reliability Modeling
8.  Software Reliability Growth Modeling
9.  System Modeling
10. Software Reliability Prediction, Allocation and Demonstration Testing
11.  Generating Test Cases
Index

------------------------------

Date: 7 Sep 1995 11:15:30 -0400
From: [email protected] (SANS'95 Conference Office)
Subject: Unix Network Security '95, final program information

 [You don't know what SANS is?  The official message that I trimmed down
 for RISKS didn't say.  The NS is presumably Network Security, but
 WITHOUT SANS (bad franglais pun) deacronymization, it is hard to tell.  PGN]

The entire program lasts a week (November 13 - 18) with in-depth courses on
Monday through Wednesday and on Saturday.  The multi-track Technical
Conference is on Wednesday and Thursday.

 [Send E-mail to [email protected] or phone 719-599-4303 for full program
 and registration information.  PGN]

             TECHNICAL CONFERENCE PROGRAM
Unix Network Security 95 (November 16-17, Washington D.C.)

Thursday, November 16, 1995

9:00 - 10:30 Keynote Address: "Early Insecurity", Peter Salus

Track 1: Remainder of Thursday

11:00 - 12:30 pm
Session 1-1: "Legal Issues of Computer Security"
2:00 - 3:30
Session 1-2: Intruder Profiles and Incident Response Experiences
"Current Trends in Intruder Methods", Moira West or Tom Longstaff, CERT
"An Incident Response Case Study", Brent Mead, Jet Propulsion Laboratory
4:00 - 5:30
Session  1-3: Incident Response Case Studies, Randy Marchany, VPI
"Security in the Blacksburg Electronic Village"
"Email Harassment: the Aura of Anonymity"

Thursday
Track 2

11:00 - 12:30
Session 2-1: Intrusion Detection - Past, Present and Future
"Informal Methods of Intrusion Detection", Matt Bishop, Univ. California Davis
"An Introduction to Intrusion Detection Modeling", Karl Levitt, UCDavis

2:00 - 3:30 pm
Session 2-2: Current Intrusion Detection Systems and
Future Trends: A Panel, Moderated by Dorothy Denning, Georgetown University
Panel Members:
Becky Bace, Department of Defense
Karl Levitt, University of California at Davis
Teresa Lunt, ARPA/ITO

4:00 - 5:30 pm
Session 2-3: Encryption Alternatives: Overview and Applications
Dr. Robert Baldwin, RSA Data Security, Inc.

Both tracks: 5:45 - 6:45 pm
Special Bonus Session and Contest:
The Best Security Stories of 1995 Contest Winners

 E-mail (before September 12) your abstract and complete
 contact information (name, title, organization, address,
 telephone, fax, email address) to [email protected].

Evening: BOFs 8:00 to 10:00

Friday November 17
Track I

9:00 - 10:30 am
Session 1-4: Intruders and Incident Response

"Network Intruder Profiles", Gene Shultz, SRI
"Building An Incident Response Team for Your Organization", Gene Shultz, SRI

10:45 am - 12:15 pm
Session 1-5 Firewalls - Design Issues and Case Studies, Part I
"An Overview of Firewall Design and Selection Criteria", Marcus Ranum
"Case Study:  A Winding Road To Security", Marcus Ranum

1:15 to 2:45
Session 1-6 Firewalls - Design Issues and Case Studies, Part II
"Case Study:  A Secure Firewall Implementation", Paul Vixie, Vixie Enterprises
"Firewalls Into the 20th Century - Where Do We Go From Here", Fred Avolio,
 Trusted Information Systems

3:00 - 3:45

Session 1-7: "Case Study: Experiences In Implementing A Network
 Authentication System In A Large Commercial Site", Bryan Koch,
 Norwest Technical Services

Track 2

9:00 - 10:30
Session 2-4: "Surviving the Battlefield of Security Policy
 Design and Implementation", Michele D. Crabb, Sterling/NASA Ames,
 Todd Welch, Sterling/NASA Ames, plus one other speaker to be announced

10:45 - 12:15
Session 2-5: "Insecurity in the PC-UNIX Realm",
 Kenneth R. van Wyk, Defense Information Systems Agency
 and two associates to be named at the conference

1:15 - 2:45
Session 2-6: Potpourri One - Real World Experiences

"Case Study: Whom Shall I Say is Calling?", Hal Pomeranz - The NetMarket Co.
"Four Short Case Studies: Variations On A Theme", Darren Reed,
 Cybersource Software Services (Australia)

3:00 - 3:45
Session 2-7: Potpourri Two - Real World Experiences
"Augmenting Security in a UNIX Environment", Steve Lutz, Chase Manhattan

Both Tracks
3:45 - 4:30
Session 8: Plenary Session
"The Taking of Clark", Bill Cheswick, AT&T Bell Labs

4:30 - 4:45 Summing Up: The Conference Chairpersons

List of Full-Day Intensive Courses:

COURSE M1: UNIX Security Threats and Solutions (Basic)
Dr. Matt Bishop (Univ. of California at Davis)

(NEW and UNIQUE) COURSE M2: Firewalls: Principles, Six Key Pitfalls, and
 Finding The Right Solution, Bruce D. Wilner

(NEW AND UNIQUE) COURSE T8: Building a Successful Security Infrastructure
Michele Crabb, Sterling Software Inc. for NASA Ames Research Center

COURSE T9: Advanced Topics in UNIX Security
Dr. Matt Bishop, University of California at Davis

(EXPANDED) COURSE W16: UNIX Security Tools: Use and Comparison
Dr. Matt Bishop (Univ. of California at Davis)

COURSE W17: Network Security, the Kerberos Approach
Dan Geer, Open Vision

Four Half-Day Post Conference Workshops

Workshop S51:
 (NEW) Security and the World Wide Web, John Stewart, Cisco
Workshop S52:
 (New and Unique) Workshop on Security Policy Design and Implementation,
 Michele Crabb, Sterling at NASA Ames
Workshop S53:
Survival Strategies: Ten Keys To Giving Winning Technical Presentations
 Alan Paller, President, The CIO Institute
Workshop S54:
 Survival Strategies: Great Technical Writing Made Easy, Carolyn Sherman

------------------------------

Date: 6 September 1995 (LAST-MODIFIED)
From: [email protected]
Subject: ABRIDGED info on RISKS (comp.risks)

The RISKS Forum is a moderated digest.  Its USENET equivalent is comp.risks.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you.  BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS.  [...]
DIRECT REQUESTS to <[email protected]> (now majordomo) with one-line,
  SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:]
  INFO     [for further information]

CONTRIBUTIONS: to [email protected], with appropriate,  substantive Subject:
line, otherwise they may be ignored.  Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious.  Diversity is
welcome, but not personal attacks.  [...]
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks

RISKS ARCHIVES: "ftp unix.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP.  [...]
[Back issues are in the subdirectory corresponding to the volume number.]
  Individual issues can be accessed using a URL of the form
    http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue]
    ftp://unix.sri.com/risks  [if your browser accepts URLs.]

------------------------------

End of RISKS-FORUM Digest 17.33
************************