Subject: RISKS DIGEST 17.54
RISKS-LIST: Risks-Forum Digest Friday 15 December 1995 Volume 17 : Issue 54
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, etc. *****
Contents:
16-year-old boy cracks university computer security
Another sign spoof (Joshua Levy)
Software Keeps Trains on Track (Eleanor Wynn)
Classified Disks Lost--Court Martial (David M Kennedy)
Invaders in Eastern Washington [more squirrels] (David Burlingame)
See you in the funny pages (Don Alvarez)
Risks of grammar checkers (Bruce Wampler)
Anonymity (Winn Schwartau)
Technology risks: an old but familiar tale (Victor Yodaiken)
Better than French card tricks: Australian Customs Shuffle (Karl Reed)
Pick a personality type, any personality type ... (Rob Slade)
Just Say No to Censorship (Audrie Krause)
Committee Slaps the Net -- Again (Craig A. Johnson via Stanton McCandlish)
Re: False Alarms in Digital Systems (Mark Lomas, John R. Sowden)
"The Underground Guide to Computer Security" by Alexander (Rob Slade)
ABRIDGED info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Wed, 13 Dec 95 12:15:14 PST
From: "Peter G. Neumann" <
[email protected]>
Subject: 16-year-old boy cracks university computer security
Jim Batterson of Richmond VA sent me a clipping of an article from
the Richmond Times-Dispatch, 9 Dec 1995, B1.
A Lancaster PA teenager was visiting with a student at Eastern Mennonite
University, and was given the student's password. The teenager used that
password to log on, download some hacking tools from a BBoard, and gave
supervisor privileges to everyone -- including access to everything,
including forthcoming final exams, private e-mail, and faculty documents.
(Student and financial records are kept elsewhere.) EMU spokesman Jim
Bishop said, "Apparently, none of the students rifled through material they
shouldn't have seen." [How can you tell? In many systems today, privileged
and even normal reads do not show up in directory listings, and few sites
run anomaly-detecting software that monitors read access! PGN]
------------------------------
Date: 16 Dec 1995 00:31:44 GMT
From: Joshua Levy <
[email protected]>
Subject: Another sign spoof
This little note is from Herb Caen's column in the 15 Dec 1995
* San Francisco Chronicle*:
Add storm notes: Some pixies rejiggered the electronic Caltrain sign on
I-80 in Richmond Tuesday night, transforming ``Off Ramp Closed'' to
``Boo OJ,'' but nobody can figure out how they did it.
I'm sure the readers here can come up with more RISKy applications for this
"rejiggering" technology.
Details: The sign was almost certainty a "caltrans" sign, not a caltrain
sign. Caltrans handles the roads, caltrain handles the trains. Personally,
I bet Caltrans knows how it was done, but whoever reported this to Herb Caen
did not.
Joshua Levy <
[email protected]>
------------------------------
Date: 14 Dec 95 05:06 GMT
From:
[email protected] (Eleanor Wynn)
Subject: Software Keeps Trains on Track (Edupage, 7 December 1995)
Next month Union Pacific and the Burlington Northern Railroad Co. will test
a satellite-based computer system to monitor locomotives' speed and
location. The software flashes a warning to crew members when a train
exceeds a safe speed, and if the advice is ignored, the system activates
robotic technology to apply the brakes. When fully implemented, the system
could save railroads $30 million a year by preventing accidents caused by
human error, plus whatever additional savings are realized through more
efficient tracking by dispatchers. (Investor's Business Daily, 6 Dec 1995,
A6)
[Edupage is written by John Gehl (
[email protected]) & Suzanne Douglas
(
[email protected]). Voice: 404-371-1853, Fax: 404-371-8057.]
------------------------------
Date: Wed, 13 Dec 1995 10:10:11 -0500
From: David M Kennedy <
[email protected]>
Subject: Classified Disks Lost--Court Martial
Courtesy of PA News and CompuServe's Executive News Service
NAVY CHIEFS LOST TOP SECRET DATA AFTER PUB VISIT
PA News 11/12/95 16:59
>> Naval commanders lost two top secret computer discs on a train
journey from London, a court martial heard today.
The officers had given a presentation to a Navy wages review team
using the discs.
After stopping in a pub for a few beers they took a train back to their
unit in Petersfield, Hants, where they discovered to their horror that the
3.5ins discs had gone. <<
:: "severely reprimanded" by the court.
:: No Top Secret information was copied to the disks, but the computer
used to copy some information to the disks was cleared for Top Secret
work.
:: Loss not reported until the following morning, by which time,
passengers had discovered and turned in the disks to the railway.
>> "The computer they had used was cleared for top secret work --
anything downloaded on to those discs became top secret but there
was only a little bit of confidential information on them. There was
nothing top secret. "This was a fairly new machine and had not had top
secret material on it."<<
:: One officer fell on his sword and admitted his error.
:: The other officer claimed he "doesn't handle secret material regularly.
He is an instructor officer and he has never received formal training in
the use of classified material." The article states he is a Lt Cdr with 10
years of service.
[DMK Comment: "Severely reprimanded" Oooo I'm sure that set a good
example! The embarrassment is a more severe punishment. Perhaps the
US should have "severely reprimanded" Pollard and Ames?]
Dave Kennedy US Army MP, CISSP
[email protected] volunteer SysOp National Computer Security Assn
------------------------------
Date: Wed, 13 Dec 1995 17:06:06 -0800 (PST)
From: David Burlingame <
[email protected]>
Subject: Invaders in Eastern Washington [more squirrels]
>From the Walla-Walla Union Bulletin dated 6 December 1995 (page 1):
Squirrel Disrupts Downtown
by Bryan Corliss (of the Union-Bulletin)
A clumsy squirrel brought the high-tech financial hub of
Southeast Washington crashing down this morning.
The squirrel touched one line carrying 69,000 volts of elec-
tricity and another carrying 12,000 volts at the same time,
said Rich Bielby, Pacific Power's assistant operations
manager in Walla Walla.
The resulting explosion and fire inside Pacific Power's
central substation near the corner of West Rose Street
and Sixth Avenue killed the squirrel - and all power to
almost 4,000 downtown customers, Bielby said.
"Isn't that something," mused County Extension Agent Walt
Gary, who heard the explosion in his office across the
street. "It isn't even a native animal here."...
The RISKS? If you're a squirrel, many. Just shows (yet again [...])
how any system can be crippled by quite unforeseen rodents (bugs).
dAVe Burlingame 206 386-4680
[email protected] Seattle Public Library 1000 4th Ave Seattle WA 98104
[The RISKS archives now include about half a dozen such squirrel attacks.
We seem to report toothy inciDENTS, acciDENTS, and roDENTS. PGN]
------------------------------
Date: Tue, 12 Dec 1995 10:43:52 -0500 (EST)
From: Don Alvarez <
[email protected]>
Subject: See you in the funny pages
There was a story on NPR this morning (Tue Dec 12) about IRS policies
for collecting sales tax from cartoonists. Apparently, if you are a
cartoonist who provides cartoons to a newspaper on paper, then you
must collect sales tax _but_ if you submit those same cartoons
electronically (over fax or modem, for example) then you are not
required to collect sales tax. Does this mean that it's 6% cheaper to
buy any "work of art" over the internet?
Don Alvarez
[email protected] 412-268-8953 VOICE 412-681-0648 FAX
------------------------------
Date: Fri, 15 Dec 95 13:04:09 MST
From:
[email protected]
Subject: Risks of grammar checkers (Smith, RISKS-17.53)
> The problems with the grammar checker are not subtle. ... It exists only
> because it makes a good demo and looks good on a bullet-list chart.
This is an interesting statement because it actually points out some
interesting RISKS. First is the risk of not understanding the software you
are using, caused by a second risk of adding features to get a "checkmark"
without really knowing what the consequences are.
I was the main author and software architect for the grammar checker
Grammatik, which is now a part of WordPerfect (and NOT the one used by
Microsoft.)
One of the main limitations of grammar checkers is a very high false error
rate. Certainly in an error-free document, the false error rate would be
100%. Most documents are not error-free, and in practice the false error
rate is closer to 30 or 40%. While that is very high, that still means that
60% of the time, the grammar checkers are finding real errors. For native
English speakers, this is actually quite a valuable service.
In 1992, Microsoft decided that 60% was good enough and that grammar
checking should be an integral part of word processing. The major
competitors followed Microsoft's lead, so now the major word processors all
have grammar checking. Because of this, users probably expect the grammar
checking to work as well as the spelling checking, which it DOES NOT.
As stand-alone products, the user manuals included with grammar checkers
clearly pointed out that many of the flags were false errors. Many of flags
are also judgment calls. Passive voice is fine, even standard for some
technical writing, but is still weak and ineffective for most other writing.
Because of the uncertain nature of the error flags, most of the suggestions
are couched with words such as "may be" or "consider."
Even with carefully worded wimpy suggestions, there are a couple of
problems. First, if the user has not been educated to expect a large number
of false errors, then they often become irritated and give up on the
program. A far worse problem and RISK is when the user does not understand
proper English well enough to separate the false flags from the true errors.
Then following the suggestions of the program can lead to incorrect results.
For many years, grammar checkers were stand-alone products, and the decision
to use one was an active choice -- the user knew about the product, and
usually was aware of the limitations. Since grammar checking has become a
standard feature of word processing, this self-filtering is gone.
The fact is that given the nature of the problem, commercial grammar
checkers are really quite good and valuable, given an understanding on how
to best use them. Unfortunately, the managers at Microsoft and
WordPerfect/Novell consider the issue settled. They have their checkmarks,
and as far as I know, not much new work is being done to improve the state
of grammar checking.
Bruce E. Wampler, Ph.D. (
[email protected])
Adjunct Professor, Department of Computer Science, University of New Mexico
------------------------------
Date: Fri, 15 Dec 1995 17:18:21 -0500
From:
[email protected]
Subject: Anonymity
Strange thing happened recently.
I received some e-mail from penet.fi, the Finish anonymous remailer. They
gave me an account "at my request." I never requested it though. I asked
them how this happened and they swear it was me.
Spoofing. Kevin Mitnick adapted my electronic identity on the Internet 18
months ago and did some nasties which required some explanation. (Hard to
do, I might add!)
I've heard of this penet.fi happening to another person. Anyone else? Any
ideas?
Winn Schwartau - Interpact, Inc. Information Warfare and InfoSec
V: 813.393.6600 / F: 813.393.6361
[email protected]
------------------------------
Date: 12 Dec 1995 15:34:28 GMT
From:
[email protected] (Victor Yodaiken)
Subject: Technology risks: an old but familiar tale
"People's distrust of the high-pressure engines was confirmed when the
boiler of a stationary engine exploded at Greenwich on 8 September 1803. It
was the usual tale; the boy who had been trained to work the engine went off
to catch eels and a labourer stopped the engine without releasing the safety
valve." Richard Hills, _Power from Steam_, Cambridge 1989.
------------------------------
Date: Wed, 13 Dec 1995 14:20:13 +1100 (AEDT)
From:
[email protected] (Karl Reed)
Subject: Better than French card tricks: Australian Customs Shuffle.
The Computer Centre at Monahs University ordered a copy of a very fast
FortanII called (as I recollect Quicktran) from a westcoast software company
in about 1967. This was to run on their recently installed, 32k word
CDC3200, and was for student use...
The deck (several boxes of punched cards) was in absolute binary, which
meant that it had no sequence numbers and could only be read by humans with
some difficulty. The (very expensive) deck duly arrived, and would not load.
In those days, there was only airmail, telex and the telephone, so it took
some time before Tony Adams (now Prof. and Dean of International Programs at
the Royal Melbourne Institute of Technology) finally accepted that a working
deck had been dispatched. He decided to track the consignment's passage
through customs, to see what had happened, and discovered a customs officer
who recalled that some other person had dropped two of the boxes, spilling
them. They had simply been picked up (having been randomised by the
experience), and had been sent to Monash without cooment.
A working deck eventually arrived, and worked well...
Prof. Karl Reed, Director, Amdahl Australian Intelligent Program, La Trobe
University, Bundoora 3083, Melbourne Victoria, Australia +61-(0)3-9479 1377
------------------------------
Date: Thu, 14 Dec 1995 22:29:16 EST
From: "Rob Slade" <
[email protected]>
Subject: Pick a personality type, any personality type ...
[email protected] is starting to bug me. But the story of yet another
spammer, trying to sell yet another silly gizmo over the cyberspace waves is
not necessarily of interest. Bear with me, please, for a couple of
paragraphs.
Fred is trying to sell a "learning machine". It takes the "subliminal
teaching" idea one step further by attaching a headset. Presumably the
headset flashes either pictures or (more likely) random patterns at you.
If you browse over to
http://Zygon.com, you'll find them trying to sell
you the whole setup (less the (presumably) audio CD player) for an
incredibly discounted price of about 300 bucks. For this low, low
price, you also get your choice of five "courses", on the CDs.
As I ran through their offerings, one jumped out at me. They have
"self improvement" courses. You know the type of thing: how to be more
assertive, how to be more successful, how to make a million, how to
make out.
Now, I'm not really afraid of Fred and his friends. They are out to con a
few people and make a few bucks. But what if someone *does* manage to come
up with a legitimate teaching/training machine, one of these days, that does
work as advertised? (Science finction stuff, maybe, but disquieting none
the less.) Being unable to get unpopular varieties of apples at the store
is one thing, but what happens to requisite variety when everyone wants, and
has the means, to become a grinning supersalesperson? What happens to
psychodiversity when everyone tries to get that little edge in
assertiveness?
OK, everyone back to worrying about the real world, now.
[email protected] [email protected] [email protected]
Author "Robert Slade's Guide to Computer Viruses" 0-387-94311-0/3-540-94311-0
------------------------------
Date: Thu, 14 Dec 1995 05:47:38 -0800
From: "Audrie Krause" <
[email protected]>
Subject: Just Say No to Censorship
* * * * * * Open Letter to President Clinton & Congress * * * * * *
CPSR will forward the attached letter to President Clinton and Congress on
Tuesday, reflecting the position of CPSR's Board of Directors regarding the
censorship provisions in the telecommunications deregulation legislation now
pending before Congress.
Please share the letter freely as long as this notice is not removed and
CPSR is identified as the originator.
********************************************************************
December 12, 1995
President Clinton and Members of Congress,
On behalf of Computer Professionals for Social Responsibility (CPSR), I am
writing to urge an immediate halt to Congress's attempt to censor the
Internet. The legislation you are considering adopting is the cyberspace
equivalent of padlocking the doors to public libraries, burning books and
shutting down printing presses. Congress must not enact, and President
Clinton must not sign, a law that censors free speech on the Internet.
CPSR is a public interest alliance of computer professionals and computer
users concerned about the impact of computer technology on society. We work
to influence decisions regarding the development and use of computers
because those decisions have far-reaching consequences and reflect our basic
values and priorities.
As technical experts, CPSR members provide the public and policymakers with
realistic assessments of the power, promise, and limitations of computer
technology. As concerned citizens, we direct public attention to critical
choices regarding applications of computer technology, and how those choices
affect society.
As American citizens, our right to free speech is guaranteed by the First
Amendment to the U.S. Constitution. We have the same right to free speech
in cyberspace as we have with other forms of the printed word.
Most Americans consider free speech the cornerstone of a free society. But
many members of Congress -- incredibly -- support language in the sweeping
telecommunications deregulation bill now pending before a joint Senate-House
conference committee that would criminalize a broad range of information
under the claim that it is harmful to children. These clauses of the bill,
while supposedly aimed at pornography, have such vague language that they
could be used to censor literary classics and public health information.
Given the open nature of networks such as the Internet, restrictions on
sending material that children might look at ends up keeping everyone from
speaking freely. The fear of being caught in the law's net will force many
networks to shut down. Thus, t he free flow of views we now have on the
information highway could be replaced by a controlled set of ideas dished
out by corporate broadcasters and monitored by prosecutors all over the
country. One example of the impact of the proposed legislation:
CPSR's Seattle Chapter sponsored the Seattle Community Network, a free,
public-access computer system for the public's benefit. SCN has over 6,500
users. Under the legislation proposed by Congress, if an individual member
of the SCN posted a message on an SCN forum or from SCN that was later
deemed to be "indecent," SCN could be fined $100,000, and SCN's Board of
Directors and staff could face two-year prison sentences. Without community
networks like SCN, the Internet will be out of reach of millions of
citizens.
CPSR does not dismiss the concerns of parents who want to shield their
children from inappropriate material. The whole point is that each parent
defines what is "inappropriate" differently. There are more flexible and
effective ways to screen what children see, than to have the government
impose censorship on everybody.
The issue before you is not about whether or not our children are exposed to
materials that some may find offensive or obscene. It's not about whether
or not parents should control what their children are exposed to on the
Internet.
It's about freedom of speech, which is a fundamental principle in our
society. It's a principle with widespread support. The vast majority of
American citizens, no matter what their political leanings, support free
speech. Those who oppose free speech are a small, shrill minority, and they
appear to want to tyrannize the rest of us in order to get their way.
President Clinton and Members of Congress, it is up to you to protect our
rights. That's why we elected you. Today, CPSR's 1,600 members are joining
with hundreds of thousands of other Americans in speaking out against this
attempt to censor free discourse in cyberspace. Many of you in Congress
ignored an earlier petition signed by 107,000 Internet users. Please don't
ignore us today. We are the People, and today we're exercising one of our
most important rights.
Sincerely,
Audrie Krause, Executive Director, CPSR, P.O. Box 717, Palo Alto, CA 94302
Tel: (415) 322-3778 Fax: (415) 322-4748 e-mail
[email protected]
------------------------------
Date: Wed, 13 Dec 1995 18:29:11 -0800 (PST)
From: Stanton McCandlish <
[email protected]>
Subject: Committee Slaps the Net -- Again (fwd)
To:
[email protected]
>From:
[email protected] (--Todd Lappin-->)
Date: Wed, 13 Dec 1995 13:06:10 -0800
Sender:
[email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[Longish, but starkly subsetted by PGN -- first and last two paras.]
COMMENTARY by Craig A. Johnson
American Reporter Correspondent, Washington, D.C.
HOUSE-SENATE COMMITTEE SLAPS THE NET -- AGAIN
by Craig A. Johnson
American Reporter Correspondent
WASHINGTON -- "Indecency" language, as defined for broadcast media
by the Federal Communications Commission, seems now to be superglued onto
the telecommunications reform bill. [...]
In short, the committee is attempting to build a four-humped
camel from parts of the original Exon and Hyde measures in the bills --
and perhaps grafting on some of White's language, which grants more
generous protection to service providers who carry content and actively
try to keep "indecent" materials from being transmitted to minors.
This observer came away with the strong impression that the
committee fully intends to abrogate the First Amendment as it applies to
the Internet, despite some members' visible discomfort with the results.
[Send e-mail to cyber-rights for the full copy. PGN]
------------------------------
Date: Thu, 14 Dec 1995 18:16:06 +0000
From: Mark Lomas <
[email protected]>
Subject: Re: False Alarms in Digital Systems (Burgess, RISKS-17.53)
> ... The False Alarm Rate (FAR) of a home security system is 98%. ...
This statistic may be somewhat misleading.
During some consulting work for the British insurance industry on electronic
alarms I was told several of the modi operandi of British criminals.
A favourite trick is to cause false alarms specifically so that the police
will record an alarm as unreliable. In other words they will set off your
alarm, while carefully avoiding leaving any trace - they then go home.
Later they might set off your alarm again - the police record this as a
second false alarm when both were genuine. They repeat this until the
police regard the alarm as faulty then the thieves can go in with impunity.
A variant on this, which insurers have noted on several occasions, is to
attack the telephone exchange through which the alarm signals are routed.
The reason for doing this is that so many alarms are recorded (because
whoever is monitoring the alarms can no longer communicate with any of them)
that police or security firms don't know which alarm to respond to.
Fortunately I have not (yet) heard of occasions where people cause medical
alarms with the intention of preventing nursing staff from responding to a
subsequent emergency.
Mark
------------------------------
Date: Fri, 15 Dec 1995 12:34:35 -0800
From:
[email protected] (John R. Sowden)
Re: False Alarms in Digital Systems (Burgess, RISKS-17.53)
A remark was made regarding the 98% false alarm factor from home security
systems. This is the nationally recognized number which everyone hears.
We operate a Underwriters Laboratories Listed Central Station Alarm Company.
Since we monitor and maintain (service) our systems, we are very aware of
false alarms.
First, regarding the 98%:
* 75% are user errors. Let a friend in without the code, left a door/window
ajar, left a pet in an area with motion detectors, and on and on.
* 20% are equipment/power/telephone lines related. Alarms use a gell cell
to not only power the system in the event of a power failure, but it also
absorbs power fluctuations.
* 5% are valid activations. This does not necessarily mean an arrest, but a
pried window, vandalism, window smashed by wind in a storm, and on and on.
The 98% figure is used by city police departments to show that officer
response time is consumed by false alarms. We use a different statistic.
We track a ratio between the number of alarms (total, in a municipality,
etc.) and the number of actual dispatches. Our company statistic is about
6 per account per year. The 98% may still be valid, but the total number
of actual dispatches is low.
Most cities have alarm ordinances that inflict some penalty (money, etc.)
for excessive false alarms. Although I disagree with most of these
ordinances, since they are directed to raising revenue, not reducing false
alarms, the net effect is the responding officer will not continually
respond to a particular alarm very often because he/she knows that so it
will be dealt with by the administration. Also, there are enough alarms
that are valid intrusions, that the responding officers don't consider them
just another false alarm. No one wants to meet an third time offender (in
CA) when they are not prepared.
The answer to the false alarm issue for home security systems is for the
monitoring station and the service station to be one and the same. Most
alarm companies use a "remote monitoring company", sometimes in another
state, with tens of thousands of accounts. This arrangement lowers the
personal attention and lack of knowledge when "80 year old Mrs. Smith gets
up in the night and opens the wrong door".
One last comment regarding microprocessor based controls vs. relay or
transistor based controls. The newer controls allow for multiple zones, so
the alarm company knows which area tripped. They also allow for programming
the sensor loop response time (in milliseconds), so an old mechanical switch
that moves a little when the door rattles, thereby causing a 40 ms. alarm
signal, will not cause a police response.
I hope that I have cleared some possible concern regarding false alarms in
home security systems.
John Sowden, President, American Sentry Systems, Inc.
------------------------------
Date: Thu, 14 Dec 1995 11:45:36 EST
From: "Rob Slade" <
[email protected]>
Subject: "The Underground Guide to Computer Security" by Alexander
BKUNCMSC.RVW 951129
"The Underground Guide to Computer Security", Michael Alexander, 1996,
0-201-48918-X, U$19.95/C$27.00
%A Michael Alexander
%C 1 Jacob Way, Reading, MA 01867-9984
%D 1996
%G 0-201-48918-X
%I Addison-Wesley Publishing Co.
%O U$19.95/C$27.00 416-447-5101 fax: 416-443-0948
[email protected]
%O
[email protected] 800-822-6339 617-944-3700 Fax: (617) 944-7273
%P 239
%T "The Underground Guide to Computer Security"
This book is intended to address the security needs of personal (or desktop)
computers, and is one of the few that does. The content addresses those
vulnerabilities which *do* plague workstations, and is generally free of
"big iron" paranoia and concerns.
Alexander's style is a bit flippant, but not at the expense of the
information being conveyed. The organization is a trifle odd. (The first
half of the "Safe Desktops and Laptops" chapter deals exclusively with
passwords, even though few standalone machines use them. Password
generators and challenge/response systems, however, are covered in the
chapter on networks.) Technical details and specific suggestions do have a
number of errors, particularly when dealing with MS-DOS. For those in the
know, the chapter on viruses has some oddities, but nothing that would be
dangerous to the user.
Data security is a tedious and often confusing field. This book is only a
start, but could be quite helpful to the non-specialist.
copyright Robert M. Slade, 1995 BKUNCMSC.RVW 951129
Vancouver Institute for Research into User Security Canada V7K 2G6
[email protected] [email protected] [email protected]
------------------------------
Date: 6 September 1995 (LAST-MODIFIED)
From:
[email protected]
Subject: ABRIDGED info on RISKS (comp.risks)
The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...]
DIRECT REQUESTS to <
[email protected]> (majordomo) with one-line,
SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:]
INFO [for further information]
CONTRIBUTIONS: to
[email protected], with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome, but not personal attacks. [...]
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
RISKS can also be read on the web at URL
http://catless.ncl.ac.uk/Risks
RISKS ARCHIVES: "ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP. [...]
[Back issues are in the subdirectory corresponding to the volume number.]
Individual issues can be accessed using a URL of the form
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]
ftp://unix.sri.com/risks [if your browser accepts URLs.]
------------------------------
End of RISKS-FORUM Digest 17.54
************************
