Subject: RISKS DIGEST 17.61
RISKS-LIST: Risks-Forum Digest Monday 8 January 1996 Volume 17 : Issue 61
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, etc. *****
Contents:
Snowbound workers overload Nynex lines (Dave Tarabar)
Denver Airport baggage misdelivery prompts shutdown (Robert Charette)
Estimate of the effects of export controls on U.S. companies (PGN)
The Citibank hack, continued (David Kennedy)
How They Nailed "The Engineer" (Mark Thorson)
DPA: Crime on the Net (Mich Kabay)
CompuServe's Can of Worms (Edupage)
The risks of using obscenities (Daniel Hicks)
Metaphorplay on Compuservile (Henry Baker)
Re: Bavarian Police Censors CompuServe (David G. Bell, Russell Stewart)
CompuServe Overreaction (Klaus Brunnstein)
Re: Problems when PC BIOS is held in flash RAM (Sean Reifschneider)
Door-unlocked indicator increases risks? (John Light)
ABRIDGED info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: 07 Jan 1996 21:36:42 GMT
From:
[email protected] (Dave Tarabar)
Subject: Snowbound workers overload Nynex lines
It occasionally snows in Massachusetts. Last week most of the state got at
least twelve inches of snow in a storm that started Tuesday evening and kept
going most of Wednesday (3 Jan 96). The storm was forecast several days in
advance and many workers avoided a treacherous drive to work by staying home
and trying to telecommute.
Friday's Boston Globe had a short article that reported that Nynex
experienced a 50% increase in phone-line demand in some areas. This resulted
in some users having to wait for a dial tone and hearing quick busy signals
once they got one.
This appears to have been a minor and temporary inconvenience and we all got
back to work on Thursday. But I think back to the Blizzard of '78, when a
30+ inch snowfall closed down the state for almost four days. (The state
prohibited non-emergency travel and several major highways were blocked by
snow covered abandoned cars.) If that happened today, all of home modems and
fax machines that might be used by homebound workers might severely stress a
phone system that was already suffering from weather related equipment and
wiring breakdowns.
[And of course, it may have happened today? PGN]
-----------------------------
Date: 05 Jan 96 20:43:53 EST
From: Robert Charette <
[email protected]>
Subject: Denver Airport baggage misdelivery prompts shutdown
A recent AP item from Denver (Denver Baggage System Shutdown) indicates that
Denver's long-plagued automated baggage-handling system (most recently, see
RISKS-16.83), which finally went on-line in October 1995, has a software
problem that has caused its sole user (United Airlines) to shut down use for
inbound baggage -- which has been handled manually since 22 Dec 1995 pending
further analysis, even though the apparent software problem has been fixed.
On the other hand, only 15 of 27,706 bags missed their delivery on 22
December. (No details were available on the nature of the bug.)
------------------------------
Date: Mon, 8 Jan 96 08:01:15 PST
From: "Peter G. Neumann" <
[email protected]>
Subject: Estimate of the effects of export controls on U.S. companies
The Sunday *San Francisco Examiner and Chronicle* carried an item entitled
``Encryption Sales Ban Costs U.S. $60 Billion'' (7 Jan 1996), which quoted a
report of the Computer Systems Policy Project, sponsored by IBM, AT&T, and
11 other companies, estimating that in the year 2000 as much as 30 percent
of an estimated $200 billion computer systems market would be lost because
of the existing U.S. export controls on crypto technology.
------------------------------
Date: 05 Jan 96 03:04:30 EST
From: David Kennedy <
[email protected]>
Subject: The Citibank hack, continued
Russian pleads guilty to stealing from Citibank ...
[Courtesy of Reuters North America (4 Jan 1996)
and CompuServe's Executive News Service]
>> Russian pleads guilty to stealing from Citibank accounts <<
>> NEW YORK (Reuter) - A Russian national has pleaded guilty for his role
in a scheme to penetrate Citibank's computers, steal millions from corporate
accounts and transfer the funds to overseas accounts, federal prosecutors
said Thursday. Alexei Lachmanov, 28, faces a possible maximum sentence of
five years in prison and a $250,000 fine for participating in the scheme
that involved the illegal transfer of funds to bank accounts he controlled
in Israel. <<
o The gang's mastermind was Vladimir Levin who was arrested at Heathrow
Airport, London UK and is awaiting extradition.
o The prosecution believes Levin working in the Russian firm AO Saturn
manipulated the computers at Citibank to transfer funds to accounts in
Finland, Israel and Bank of America.
>> The charges against Lachmanov allege that in August 1994 he told
co-conspirators in Russia about his personal accounts in Tel Aviv, Israel. The
co-conspirators had gained unauthorized access to the Citibank Cash Management
System, which allows Citibank customers to access a computer network and
transfer funds from their Citibank accounts to accounts at other financial
institutions. <<
o Lachmanov admitted to transfers to account to five Tel Aviv banks, and
attempting to withdraw US$940,000 from those accounts.
o Three other members of the gang have pleaded guilty.
Dave Kennedy [US Army MP] [CISSP] Volunteer SysOp National Computer
Security Assoc
------------------------------
Date: Sun, 7 Jan 1996 21:26:01 -0800
From:
[email protected] (Mark Thorson)
Subject: How They Nailed "The Engineer"
There was a story tonight on the _60_Minutes_ television program on CBS
describing the recent assassination of a terrorist in Israel.
Known as "The Engineer", he designed bombs used in a number of terrorist
incidents in Israel. At the time of his death, he was in hiding.
According to the news story, he was killed by a bomb planted inside a
cellphone which was activated by a code sent to the cellphone. The story
was that the cellphone had been provided by a trusted person who was
presumably an Israeli undercover agent.
This implied that only one sabotaged cellphone exists. It seems more likely
to me that if you were tracking down a highly elusive enemy using
cellphones, you'd infiltrate many more than one cellphone.
GAZA-PHONES-ARE-US might be selling nothing but booby-trapped phones during
that end-of-the-year "blowout" sale!
Then, all you have to do is monitor enough telephone conversations until you
catch the guy while he uses one of your sabotaged phones. Send the code,
and BOOM!
This raises some interesting RISKS possibilities. Selective assassination
by dialing in a number? Can the system be hacked? Does the system make
mistakes? [What about, Sorry, wrong number?]
------------------------------
Date: 04 Jan 96 10:27:22 EST
From: "Mich Kabay [NCSA Sys_Op]" <
[email protected]>
Subject: DPA: Crime on the Net
>From the German Press Agency news wire via CompuServe's Executive News
Service; translated by MK with the help of Power Translator Deluxe 1.0 from
Globalink Inc:
Copyright DPA, 1995
EDV-Polizeiexperte: Kriminelle nutzen vermehrt Computernetze
Mu"nchen (DPA, 95.12.29) - Kriminelle nutzen fur immer mehr
Straftaten die elektronischen Mo"glichkeiten der Computernetze.
Darauf verweist der Leiter des Sachgebiets Computerkriminalita"t
beim Bayerischen Landeskriminalamt in Mu"nchen, Werner Paul. ``Die
Palette reicht von der Kinderpornographie, u"ber Rauschgift, den
Waffenhandel, Software-Raubkopien bis zum Kreditkartenbetrug'',
sagte er am Freitag der DPA.
....
Copyright German Press Agency, 1995
EDP - Police Expert: Criminal use of computer networks increasing
Munich (German Press Agency) - criminals are increasingly using
the electronic possibilities of computer networks. According to
the director of the computer crime unit of the Bavarian State
Prosecutors Office in Munich, Werner Paul, "The range extends
from child pornography to narcotics, the arms trade, software
piracy and credit-card fraud." Herr Paul was speaking on Friday
to the German Press Agency.
Key points:
o The investigation of CompuServe in Germany on suspicion of
distributing child pornography is not an isolated case.
o On-line access suppliers can no more distance themselves from
distribution of pornography than from distribution of illegal
copies of proprietary software, he said.
o Herr Paul argued that the issue is not that the access providers
are criminals; the problem is that criminals are using the access
providers.
o In the fight against computer crime, the networks must, in his
opinion, help the police authorities; he conceded that the police
authorities do not have enough highly qualified personnel for such
investigations.
M. E. Kabay, Ph.D. / Director of Education, National Computer Security Assn
(Carlisle, PA)
------------------------------
Date: Mon, 8 Jan 1996 14:26:23 -0500 (EST)
From: Educom <
[email protected]>
Subject: CompuServe's Can of Worms (Edupage, 7 January 1996)
After cutting off subscribers' access to more than 200 electronic bulletin
boards that feature adult material last week, CompuServe now is trying to
find a technical way to block only German subscribers, whose government
originally had lodged the complaint against the commercial online provider.
Industry executives are pointing out that this would set a bad precedent,
possibly encouraging other governments to make their own demands regarding
content restrictions. "Every country will now jump in and say we don't want
any antigovernment propaganda. Every country in the world will push its own
local hot button," says a University of Pennsylvania professor. (*Wall
Street Journal*, 5 Jan 95, B2)
------------------------------
Date: Wed, 3 Jan 1996 12:22:15 -0600 (CST)
From: Daniel Hicks <
[email protected]>
Subject: The risks of using obscenities
Note: DaveR, a user on an internal IBM system in Lexington, KY, was browsing
the ESPN Web pages and came upon some correspondence discussing U of K
basketball player Jared Prickett. However, the name appearing on the page
was "Jared ett" -- some automatic censor logic was removing "Prick" from
posts to the ESPN discussion boards. I have encouraged DaveR to submit
directly a RISKS article about this [which is now unnecessary], but I
thought the following might make for an interesting counterpoint [...].
Back when I was in college (many many years ago), we had an HP 2000 Time
Shared Basic system. It was a fairly primitive system by current standards
(16 TTY terminals), but the neatest thing since sliced bread at the time.
There were several students, however, who just did not get along well with
computers. One of these, a classmate of mine, had spent several hours
creating a program to do some task, but the program was not working as
expected. In a fit of frustration, the student typed in "SCR*W YOU" on the
TTY. However it was the student who was screwed. Any line not prefixed by a
line number was interpreted by the system as a command, and the system
ignored anything beyond the first three letters of commands. So "SCR*W YOU"
was seen as "SCR", meaning "scratch" -- the system's command to erase the
current workspace.
In a final bit of irony, the system responded with its usual response --
"OK" -- after completing the "scratch" operation. The student was laughing
at the system's response -- until he realized his program had disappeared.
Dan Hicks IBM Rochester, Minnesota
------------------------------
Date: Sat, 6 Jan 1996 17:25:55 -0800
From:
[email protected] (Henry Baker)
Subject: Metaphorplay on Compuservile
A powerful rule-of-thumb from control theory says that the uncertainty
in a control system will gravitate towards the degree of freedom that is
hardest to measure and/or hardest to control. A classic example of this
problem is the 'horizon effect' in computer chess programs, in which bad
(or good) things that happen more moves ahead than the program can look,
aren't considered at all; this provides a way for a fair human strategic
player to beat a tactically excellent chess program.
Politicians appear to be blissfully unaware of this rule, and as a result
they go off so half-cocked that their 'cures' are much worse than the
diseases for which they are prescribed. For example, instead of having
newsgroups whose content is trivially identified, so that people can stay
clear of them, the newsgroups will now get innocuous names, and it will be
much easier for someone to wander into the middle of an ogrey (sic).
However, Santayana was right, and people must learn most things first-hand,
so here goes.
Instead of beating our breasts over Compuserve's censorship of Usenet
newsgroups, we should should respond to this censorship in the same way that
people have all through history -- by using metaphoric code. For example,
some of the nursery rhymes we learned as children were actually very caustic
statements about the powers-that-be of the time, but which if said in plain
text would have gotten the speaker's spine stretched and/or severed.
Given the indexing machines like www.dejanews.com and
www.altavista.digital.com, one can get a list of the 2000 most frequent
adjectives, verbs and nouns (exclusive of the proscribed groups, whose names
are available at www.eff.org). We and then construct a mapping from these
most frequent words onto the words of love & hate, which can provide a
vocabulary rich enough for most public purposes. (A brief scan of the
'personals' section of the local newspaper indicates that 2000 words is far
more than should be necessary, and probably exceeds by two orders of
magnitude the vocabulary of cheap porn flicks.)
We now fix our personal spelling dictionaries to suggest the appropriate
mappings, and continue usenetting as before.
Because we have utilized the most common words from Usenet, any attempt to
scan the news with a simple 'stop list' will prove futile and/or will
succeed in killing off 99% of _all_ the news.
Example:
"There once was a student from Nantucket;
whose thesis was so long he could..."
(You get the picture.)
Additionally, some uncommon words like 'exon' and 'compuserve' can also be
included in the dictionary. You can intuit their meanings from the usage
below.
"The first night we met, we exoned like bunnies; our son George is the
result."
"She was just a compuserver that I met in an IRC Chat Room; she was picked
up by the vice squad for compuserving on Hollywood Boulevard before she
discovered Cyberspace."
Given these meanings, Compuserve will be forced to 'stoplist' these words,
which among other things will lead to a Russell-Goedel paradox.
Henry Baker www/ftp directory:
ftp://ftp.netcom.com/pub/hb/hbaker/home.html
Copyright (c) 1996 by Henry G. Baker. All rights reserved.
** Warning: Due to its censorship, CompuServe and its subscribers **
** are expressly prohibited from storing or copying this document **
** on CompuServe in any form. **
[But watch out for the russelling goedels
unless you are quite undecided. PGN]
------------------------------
Date: Tue, 02 Jan 96 21:35:52 GMT
From:
[email protected] ("David G. Bell")
Subject: Re: Bavarian Police Censors CompuServe (RISKS-17.59)
In article <
[email protected]> you write:
> Date: Tue, 2 Jan 1996 15:26:25 +0100
> From: Klaus Brunnstein <
[email protected]>
> Subject: Bavarian Police Censors CompuServe
And the story looks more and more confused with every hour that passes...
But does anyone else remember a similar incident, several years ago, over
the game Wolfenstein 3D?
This precursor to Doom, distributed in much the same way, was made
available over Compuserve. Unfortunately, some of the graphics included
pictures of Adolf Hitler and assorted Nazi insignia, on the walls of the
rooms where the player was killing anything and everything that moved.
This made the game illegal in Germany.
The game was withdrawn from Compuserve, worldwide.
Back then, I wasn't on the net. I got my news at a slower pace, in
monthly magazines. According to the accounts, as I recall, there was
some confusion about who took the decision to remove the game, and
Compuserve said it was the decision of the forum sysop (is that the
correct term?).
In any case, the problem of local laws affecting an international
computer network is _not_ new, and Compuserve staff didn't need to read
RISKS to know about the possibility.
David G. Bell -- Farmer, SF Fan, Filker, Furry, and Punslinger..
------------------------------
Date: Wed, 03 Jan 96 16:04:36
From:
[email protected] (Russell Stewart)
Subject: Re: Bavarian Police Censors CompuServe (Brunnstein, RISKS-17.59)
Actually, I think this should have been titled "Compuserve censors itself."
Though I don't agree with the actions of the German police or those of
Compuserve, the fact remains that Compuserve made this choice themselves.
Why does it matter? Simple; this is all the more reason for anyone who truly
cares about freedom of expression in the electronic medium to dump giant,
corporate providers like Compuserve and AOL and instead patronize their
local ISPs, who (in my experience) are usually very serious about providing
their customers with everything that the 'net has to offer.
Of course, not every town yet has an ISP, so this is not an option for
everyone. But even if only the people in towns that do have good ISPs did
this, C$ and AOL would feel it.
Russell Stewart, Albuquerque, New Mexico
[email protected] http://www.rt66.com/diamond/
------------------------------
Date: Wed, 3 Jan 1996 18:22:34 +0100
From: Klaus Brunnstein <
[email protected]>
Subject: CompuServe Overreaction
After some discussions with State Attorneys in Munich, there is evidence
that CompuServe activities to shutdown worldwide access to 200 electronic
discussion groups were legally UNJUSTIFIED to the extent as experienced!
The legal background is Para.184 of German Penal Code concerned with
"Pornographic Writings" (Schrift). The lengthy paragraph forbids to
distribute and give access to pornographic writings to persons under 18
(sentence 1), and it also forbids pornographic broadcasts (sentence 2). Esp.
provisions were recently introduced (1994) to forbid distribution,
presentation, production etc of child pornography; this part applies to
persons of any age.
In early November 1995, Munich police notified Bavarian state attorney`s
office that CompuServe`s German subsidiary (with its office in Unterhaching,
a suburb of Munich) offers access to child pornography also to persons under
18. In German Penal Code, this is an offence which the state attorney MUST
prosecute (Offizialdelikt). State Attorney asked the district court
(on Nov.11) for a search warrant. On Nov.22, attorneys and police experts
searched CompuServe`s office for evidence. CompuServe was given a list
with 200 electronic fora to which Para.184 MIGHT apply, but it
was explicitly made clear that CompuServe had the responsibility to
analyse which of these fora really offended German law. (Indeed, a careful
inspection of knowledgeable people would have made clear immediately
that several items on this were NO valid candidates for Para.184!)
CompuServe reacted VERY late (shortly before Christmas), and CompuServe
OVERREACTED in blocking access to ALL these electronic fora WORLDWIDE. As
most national laws (with exception of some laws requesting universal
applicability :-), German law deliberately applies to Germany :-)! Either
was CompuServe TECHNICALLY UNABLE to react ONLY FOR GERMAN users (and leave
worldwide users unaffected). OR CompuServe choose its overreaction carefully
to produce worldwide uproar against applying national law! Anyhow,
CompuServe evidently failed to legally analyse which of the 200 el.fora
really addressed the intent of Para.184!
The procedure of Bavarian State Attorney may have one week point in whether
the term "writing" (evidently meant by legislators as applying to
traditional paper-work) may apply to "electronic documents" even in "virtual
form". Current interpretation here is that "writing" also applies to
printouts and stored files (as they may be printed). Evidently, this MAY NOT
APPLY to pictures in RAM just displayed on a screen, as long they are not
stored or printed. This may also not apply even to disk cache as long as
this is only accessible to the display system. On the other hand, if
CompuServe stores such files locally (in Munich), e.g., on a mirror-site, and
as CompuServe does *not* differentiate between users according to age (e.g.,
those under 18), para.184 may indeed apply if CompuServe can be held
responsible for the content of their files.
It would be interesting to legally clarify also in Germany the question
of responsibility, as recently clarified in the Prodigy and CompuServe
cases in USA (in one case, a moderated group was regarded as being sort
of publisher with responsibility for the content, while in another case,
an unmoderated forum was regarded merely as book-seller, with NO re-
sponsibility for the content traded). No similar case has been dealt-
with in Germany, so far.
In this situation, there is NO evidence that the Bavarian procedure in this
case may be a signal for introducing censorship in the Internet (as many
experts had feared, including my initial reaction :-). But this case may be
helpful to start discussions of self-control, including topics of
pornography, virtual violence or assault! From a German point of view, it is
indeed hard to understand that Nazi propaganda (legally forbidden in Germany
since WW II for good reasons, for which we have been re-educated and
democratized :-) flows into Germany from Nazi groups, e.g., in Canada, USA
and Denmark. Free Flow of Information requires responsibility and ethical
standards which so far have hardly been developed in networld. So far, some
universities with some sort of "Code of Ethics" (e.g., Hamburg university)
have sopped access to (few) pornographic electronic fora since some time.
This is NOT a matter of censorship but a matter of Ethics and
responsibility!
Klaus Brunnstein (Univ Hamburg: January 3,1995)
PS: for those capable of German and interested in the text of para.184,
I will make the text (in German only!) available on our ftp site,
on 4 Jan 1995 (noon Hamburg time): look for
ftp.informatik.uni-hamburg.de/pub/virus/laws/para184.txt
This site is "under development", and we will store there legal
texts related to computer crime, viral and hacker issues, etc.
------------------------------
Date: Wed, 3 Jan 1996 16:56:21 -0600 (CST)
From: Sean Reifschneider <
[email protected]>
Subject: Re: Problems when PC BIOS is held in flash RAM (Portman, RISKS-17.58)
>Each PC will have to come supplied with a re-load trusted bios program,
>but I have no idea how (or if) this would work.
It's not just PCs that come with this "feature" but also modems, tape
drives, and many other pieces of hardware which allow reprogramming in the
field. Modem manufacturer Zyxel has chosen to put more of it's modems
"brains" in the flashed software than in hardware which allows them to have
supported new features which weren't even thought of when the modem was
designed (to an extent).
But back to the PCs... I own a couple of PCs which use Flash ROMs. I find
it quite assuring to know that I can upgrade to the latest BIOS just by
loading a floppy and letting it rip. It's not quite THAT easy though...
Many of the BIOS upgrades will need to update the "boot" portion of the ROM
which requires physically moving a jumper on the motherboard.
These boards also have the ability to boot a minimal system in the event of
a bad flash. Unfortunately I *DID* have to test this a short while back.
But as with everything, with proper measures taken it seems to be reasonably
safe to do. This includes making sure you have the image of the old BIOS on
disc and recommendations have been made on UseNet to not try flashing if
there's a storm (loss of electricity risks).
Of possible interest to other RISKS readers is the method that some of the
larger Hewlett Packard machines have used. They have two banks of
programmable memory which you can boot from. If for one bank fails due to a
an upgrade failure or chip failure, an operator can switch over to the other
bank and boot with the previous version or a backup copy. Specifically I
have observed this on a T-500 class machine (I noticed during a firmware
upgrade that there were several options and asked the HP field engineer
about it).
What do you expect on a million-dollar piece of hardware though?
>Another RISK is that the flash RAM will probably only be good for tens
>of program cycles (updates) to keep costs down.
While this may well be a RISK (the motherboard I bought has a reputation
of using workstation-quality oscillators so hopefully it's not a risk for
me), I think it's worth pursuing to "root cause"...
Is the manufacturer to blame? I don't think so... Look at what we now
equip our PCs with -- possibly cheap FlashROMs that may be only good for 10
cycles, the RAM doesn't even so much as parity-check any more (the Triton
chipset ignores parity bits if your RAM even has it), single spindle hard
drives, etc...
By contrast, most "workstation" class machines would have possibly better
quality components inside, ECC (error correcting) memory, watchdog timers
(to detect when the software isn't responding and reset the machine), most
of them still use single-spindle hard drives though...
(I must say that I was pleasently surprised to see that the first Pentium
Pro motherboard I saw DID use ECC RAM)
The "root cause" of these shortcomings is of course the consumers. Why pay
for workstation-quality components when they can get "the same computer" for
hundreds if not thousands of dollars less from someone next door? I guess
I'm kind of to blame too... Even though I wanted a PC with ECC memory, RAID
storage, and a watchdog timer, I bought the best PC I could because going
with these parts would push the price up by literally 3 times. I am planing
on installing a watchdog, and I haven't been able to locate PC-class
motherboards with ECC ability.
Everyone claims to want reliability and good service, but few want to pay
for it. Witness people spending half an hour driving to another store to
save $.30 on laundry detergent. Or how about the person bashing Gateway (a
well known mail-order computer seller) for sending out a replacement
motherboard and expecting one UseNet poster's daughter to be able to replace
it. I'm sure if they brought the machine to the resellers door the
motherboard would have been replaced for them...
Sean
------------------------------
Date: Thu, 04 Jan 96 13:43:00 PST
From: John Light <
[email protected]>
Subject: Door-unlocked indicator increases risks?
My car radio was stolen the one night I didn't lock my car, so I made the
following observation.
Many modern cars have integrated alarm systems. By "integrated" I mean that
locking the car automatically arms the alarm, and unlocking the car
automatically disarms the alarm. A side effect is that a light flashes on
the dash to indicate the alarm is armed.
A thief who frequents a neighborhood will know which cars have alarms. If
he sees that the light is not flashing, he will know that the car is not
locked without having to either approach the car closely or do something
suspicious like try the door handle. So the one night in a hundred when you
fail to lock the car will likely be found out. (And you might blame it on
Murphy!)
It is ironic that the light that is meant to add protection actually reduces
it under some circumstances. I intend to disable the alarm flasher, leaving
only the radio flasher, which turns on whenever the car is turned off.
John Light
[email protected]
------------------------------
Date: 6 September 1995 (LAST-MODIFIED)
From:
[email protected]
Subject: ABRIDGED info on RISKS (comp.risks)
The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...]
DIRECT REQUESTS to <
[email protected]> (majordomo) with one-line,
SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:]
INFO [for further information]
CONTRIBUTIONS: to
[email protected], with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome, but not personal attacks. [...]
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
RISKS can also be read on the web at URL
http://catless.ncl.ac.uk/Risks
RISKS ARCHIVES: "ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP. [...]
[Back issues are in the subdirectory corresponding to the volume number.]
Individual issues can be accessed using a URL of the form
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]
ftp://unix.sri.com/risks [if your browser accepts URLs.]
------------------------------
End of RISKS-FORUM Digest 17.61
************************
