precedence: bulk
Subject: RISKS DIGEST 19.25
RISKS-LIST: Risks-Forum Digest Friday 18 July 1997 Volume 19 : Issue 25
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, caveats, etc. *****
Contents:
Partial failure of Internet root nameservers (Daniel Pouzzner)
Norwich Union to make e-mail libel payout (Jonathan Bowen)
Phone industry wants FCC's help against FBI's wiretap plans (Edupage)
Voice-controlled MS WORD (Edupage)
Medical computer crashes (Tom Van Vleck)
New York State information-systems learning standards (Frederick W. Wheeler)
Regulatory Improvement Act requires risk assessments (Mary Bryant)
Unique definition of "proof of correctness" (Daniel P.B. Smith)
Vigilante fallout from the Megan's Law CD-ROM (Joel G)
Re: Website on Spreadsheet Research (John R. Levine)
DEC Alpha Bug, final resolution (Gregory F. March)
Security risks from active usenet articles (Jonathan de Boyne Pollard)
Re: Faulty lavatory smoke detector lawsuit (PGN)
DA Computer Chief Almost loses Job:" follow-up report (Curtis Karnow)
Anti-spam redux (Simson L. Garfinkel)
comp.risks was spammed last night (PGN)
The truth about Usenet's Psychic Spammers! (Greg Corteville)
"25 Steps to Safe Computing" by Sellers (Rob Slade)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Thu, 17 Jul 1997 05:58:57 -0400 (EDT)
From: Daniel Pouzzner <
[email protected]>
Subject: Partial failure of Internet root nameservers
In the wee hours of 17 Jul 1997, a remarkable event occurred. The 4AM
update of the root nameserver database was botched - horribly. The
immediate and very real effect of this is that the Internet does not work
right. In this episode, the top-level domains .com and .net have ceased to
exist. .edu and .gov (presumably among others) appear to be unaffected, but
in short - most of the network is practically inaccessible. So that the
full weight of this error can be appreciated, I list below some sample
results of attempted name resolutions.
-* dnsquery -n a.root-servers.net. digital.com.
Query failed (h_errno = 1) : Unknown host
-* dnsquery -n a.root-servers.net. saic.com.
Query failed (h_errno = 4) : No address associated with name
-* dnsquery -n a.root-servers.net. sun.com.
Query failed (h_errno = 4) : No address associated with name
And similar responses for queries for mobil.com, exxon.com, toyota.com,
internic.net, mci.com, sprint.com, geffen.com, ge.com, and presumably any
other .com or .net we've come to take for granted. IBM fails in a slightly
different way: they have a special entry for the *host* ibm.com, which
successfully resolves, but this is of no practical utility since that host
is not itself a name server.
If the dysfunction endures for much longer, we can expect serious
repercussions. Barring a quick repair, people will start arriving at work
over the next two hours to discover that the Internet, as far as they are
concerned, has ceased to exist overnight. Even if the Internic manages to
get things rolling again before then, we should all consider this a
harbinger.
The outage continues as I complete this message. To get this e-mail to the
RISKS mailbox, I bypassed the root name servers by resolving sri.com through
the Stanford University name servers (on a hunch). These are the sorts of
tricks we will all be slowly learning as the size of the Internet and the
weaknesses of its foundational technology continue to burgeon beyond
manageability.
-Daniel Pouzzner, New York City
[The problem apparently began around 11:30pm 16 Jul EDT, during the
autogeneration of the NSI top-level domain zone files, and resulted from
the failure of a program converting Ingres data into the DNS tables,
corrupting the .COM and .NET files. Quality-assurance alarms were
evidently ignored and the corrupted files were released at 2:30am EDT --
with widespread effects. Other servers copied the corrupted files from
the NSI version. Corrected files were issued four hours later, although
there were still some lingering problems. An excellent analysis by
Peter Wayner exists on the 18 Jul 1997 www.NYTimes.com Cybertimes. PGN]
------------------------------
Date: Fri, 18 Jul 1997 10:58:29 GMT
From:
[email protected] (Jonathan Bowen)
Subject: Norwich Union to make e-mail libel payout
[In addition to the Internet fiasco,] further e-mail problems were also
reported in the [London] *Times* on 18 July 1997, p25:
Norwich Union, an insurance company, has been ordered to pay 450,000 UK
pounds (c $750,000) and to issue an apology for libeling a private
healthcare group by e-mail, the first time [in the UK?] that a company has
received damages for libel via e-mail.
------------------------------
Date: Thu, 17 Jul 1997 18:38:50 -0400
From: Edupage Editors <
[email protected]>
Subject: Phone industry wants FCC's help against FBI's wiretap plans
Arguing that the FBI's requests for expanded wiretap capabilities go beyond
that agency's authority, telephone industry officials are asking the Federal
Communications Commission to help them resist the FBI's proposed digital
phone design, which would allow law enforcement officials to continue the
wiretapping of a conference call even after the person targeted by a
court-authorized wiretap drops out of the call. The phone industry claims
the request would cost billions of dollars to implement and would expose it
to lawsuits by civil liberties groups fighting against privacy invasions.
(*The New York Times*, 16 Jul 1997; Edupage, 17 July 1997)
------------------------------
Date: Thu, 17 Jul 1997 18:38:50 -0400
From: Edupage Editors <
[email protected]>
Subject: Voice-controlled MS WORD (Edupage)
Lernout & Hauspie, a speech technology software vendor, will introduce a
voice-controlled software editor for Microsoft Word in the fall. Users will
be able to select a sentence, underline a group of words, and change the
color and size of a font, all by naturally spoken voice. "It'll make people
give up the mouse," says Lernout & Hauspie's chief technology officer. The
Lernout & Hauspie product uses discrete dictation pathology software from
Kurzweil Applied Intelligence, which it acquired earlier this year.
Kurzweil's artificial intelligence technology allows the software to prompt
users for answers as if they were entering information onto a form. The
initial product will be aimed specifically at pathologists, with other
versions for the legal profession and police reporting to follow.
(*InfoWorld Electric*, 17 Jul 1997; Edupage, 17 July 1997)
[RISKS has previously suggested what might happen if someone walking
by your office coincidentally uttered something meaningful to the system.
The concept of SPOKEN WORD viruses may present some glorious new forms of
attack, as well as utter punning. Victor Borge would have a field day. PGN]
------------------------------
Date: Wed, 16 Jul 1997 19:49:14 -0700
From:
[email protected] (Tom Van Vleck)
Subject: Medical computer crashes
I visited a hospital emergency room recently late at night. As I was
reciting my data to the admitting clerk, a horn sounded, and she said, "Oh
darn, the computer's crashed. It crashes every day at midnight, and takes
about fifteen minutes to come back." She didn't know what kind of computer
it was; the keyboards were labeled IBM.
[Why wait for Y2K? This is Midnight Madness, or Rollover Twist. PGN]
------------------------------
Date: Thu, 10 Jul 1997 11:43:24 -0400
From: "Frederick W. Wheeler" <
[email protected]>
Subject: New York State information-systems learning standards
RISKS readers will be pleased to learn that New York State public schools
are preparing students to address many of the concerns discussed in this
forum. The New York State Education Department (
http://www.nysed.gov) has
published learning standards as a guide to evaluate school curricula and
student proficiency.
The Mathematics, Science and Technology Standard (
http://www.nysed.gov/mst)
has a section on Information Systems that addresses the benefits, risks and
ethical issues of using computers to store information.
The three parts of the Information Systems section are listed below, along
with examples of student proficiency for each part. The examples are
excerpted from "Mathematics, Science and Technology Performance Indicators",
pages 8,9 (
http://www.nysed.gov/mst/perf.pdf).
Mathematics, Science and Technology Standards: Section 2, Information Systems
PART 1: Information technology is used to retrieve, process, and
communicate information and as a tool to enhance learning.
PART 2: Knowledge of the impacts and limitations of information systems is
essential to its effective and ethical use.
Elementary Level Students:
* understand that computers are used to store personal information
Intermediate Level Students:
* understand the need to question the accuracy of information
displayed on a computer because the results produced by a computer
may be affected by incorrect data entry
* understand why electronically stored personal information has
greater potential for misuse than records kept in conventional
form
Commencement Level Students:
* explain the impact of the use and abuse of electronically
generated information on individuals and families
* discuss the ethical and social issues raised by the use and
abuse of information systems
PART 3: Information technology can have positive and negative impacts
on society, depending upon how it is used.
Elementary Level Students:
* demonstrate ability to evaluate information critically
Intermediate Level Students:
* describe applications of information technology in mathematics,
science, and other technologies that address needs and solve
problems in the community
* explain the impact of the use and abuse of electronically
generated information on individuals and families
Commencement Level Students:
* discuss how applications of information technology can address
some major global problems and issues
* discuss the environmental, ethical, moral, and social issues
raised by the use and abuse of information technology
A RISK here is assuming that the standards are met.
Fred Wheeler, Electrical Engineer (
[email protected])
Susan Nelson, Music Teacher
------------------------------
Date: Fri, 27 Jun 1997 19:43:27 -5
From: "Mary Bryant" <
[email protected]>
Subject: Regulatory Improvement Act requires risk assessments
A statement released 27 Jun 1997 by Senator Fred Thompson on the proposed
bipartisan Levin-Thompson Regulatory Improvement Act is available on line in
RiskWorld, along with a summary of the proposed legislation. The Act will
require cost-benefit analyses and risk assessments of major rules, a process
for reviewing existing rules, and executive oversight of the rule-making
process. A press release from the offices of the bill's sponsors, Senator
Thompson, R-Tenn., and Senator Carl Levin, D-Mich, is also posted. Visit
RiskWorld at
http://www.riskworld.com and go to the News Stories department.
------------------------------
Date: Fri, 18 Jul 1997 14:10:53 -0400 (EDT)
From: "Daniel P. B. Smith" <
[email protected]>
Subject: Unique definition of "proof of correctness"
*Computer Design*, July 1997, p. 38, describes the IDT-C6, a
Pentium-compatible microprocessor designed by Centaur Technology. "IDT
claims to have tested the C6 with most modern PC operating systems,
including WIndows 95, Windows 3.1, NetWare, and Solaris for Intel. _The
complexity and pervasiveness of the Windows operating system generally are
considered to make up an exacting proof of correctness..._" [emphasis
supplied]
Give up, folks... the marketers have won. Once they redefine a
term, the engineers _never_ win it back...
Daniel P. B. Smith
[email protected]
------------------------------
Date: Wed, 16 Jul 1997 16:55:07 -0700
From:
[email protected]
Subject: Vigilante fallout from the Megan's Law CD-ROM
Re: California's Megan's Law CD ROM: Not only is the CD full of incorrect
information, but even trying to validate it is a risk.
The following is from an AP story in the 12 Jul 1997 *San Diego Union*
entitled "Vigilantes suspected in firebombing" with a related story "Covina
victim has record of sex crimes":
COVINA -- Investigators suspect vigilantes of firebombing the van of a
neighbor after it was revealed that he had a record of sex crimes. Willie
Lee McAlister's van was burned the morning of July 5, a few days after
deputies came to his door and a neighbor verified his identity in a CD-ROM
database put out by the state.
"It doesn't take a rocket scientist to put two and two together," sheriff's
Sgt. Lynn Judes said. However, the Sheriff's Department said in a press
release later that investigators had found no evidence that McAlister was
targeted because of his past. [...] Sheriff's Sgt. Larry Crookshanks said
that once a neighbor learned of McAlister's record "it spread like
wildfire." No eyewitnesses have come forward, but vigilantes seemed the
logical attackers, he said. "It stands out and hits you between the eyes,"
Crookshanks said.
Sylvia Earles, who lives across the street from McAlister, said she saw
deputies at his door July 1, confronted him and learned why they had come:
The deputies were checking to make sure that his address was correct before
releasing the database.
jg
------------------------------
Date: 17 Jul 1997 02:26:38 -0000
From:
[email protected] (John R. Levine)
Subject: Re: Website on Spreadsheet Research (Panko, RISKS-19.24)
> Every study that has tried to measure spreadsheet error rates has
> found them and has found them at levels that are deeply disturbing.
Over ten years ago, I was one of the authors of Javelin, a PC time
series modelling package. Our main competitor was 1-2-3.
Javelin offered a lot more tools than spreadsheets did to build
correct models. Variables had names, not just cell locations, and
could be time series with definite start, stop, and interval (day,
week, month, year, etc.) There was a single internal model regardless
of which of several views (formulas, worksheet, graph, etc.) you
looked at. Time series were handled automatically, and if you wanted
one variable to feed into another with a time shift, you had to say so
explicitly. We also had auditing features so for any variable you
could see what its inputs or outputs were, displayed in a tree, and
walk up and down the trees looking at the values.
We figured that this model reliability would be a strong selling
point, but in focus groups we consistently found that people didn't
want to hear about it. They had their 1-2-3 models, they were using
the results, and they weren't inclined to do much debugging. One of
the more telling responses we got was "it's up to my manager to verify
my spreadsheets."
In our limited experiments we found that as a rough approximation, any
spreadsheet large enough to be interesting had serious mistakes. I see that
a decade later that hasn't changed.
John R. Levine, IECC, POB 640 Trumansburg NY 14886 +1 607 387 6869
[email protected], Village Trustee and Sewer Commissioner,
http://iecc.com/johnl
------------------------------
Date: Fri, 18 Jul 1997 10:09:33 -0400
From: "Gregory F. March" <
[email protected]>
Subject: DEC Alpha Bug, final resolution (Re: RISKS-19.24)
So, as it turns out, DEC finally made it to our site and replaced the
motherboard. Everything worked fine after that. Unfortunately, I was on
vacation at the time and missed the service call (and the opportunity to
compare boards / chip batch numbers). I'm kind of bummed about that, but
alas, that's life.
DEC claimed it was a bad chip on *that* board only.
Three questions remain:
1) Was the chip bad, but that aspect of the chip is not tested?
2) Was the chip bad and the failure was missed during testing?
2) Did the chip fail after shipping?
BTW, not being a real DEC guru, I'm not up on my model numbers. From what I
gather this was a "3000 model 900" if that means anything to anyone. It was
running "V3.2 148 OSF1" unix.
RISKS: How are we to monitor this type of failure in the future? This type
of failure in the wrong place at the wrong time can cause serious damage,
both financial and more importantly physical. Scary. Should there be a
standard (no that will never work :-) set of tests that all chips must go
through during start up?
Anyway, happy RISKS hunting to all...
* Gregory F. March *
http://www.gfm.net *
[email protected] *
------------------------------
Date: 19 Jun 97 22:29:18 +0100
From: Jonathan de Boyne Pollard <
[email protected]>
Subject: Security risks from active usenet articles (RISKS-19.18)
[email protected] writes:
> If I don't run a web browser then I'm immune to all the
> (java/javascript/activeX) security holes, right?
> Well, no.
> I was just reading usenet using the Netscape Navigator newsreader, [...]
Except, of course, that Netscape Navigator _is_ a web browser.
Running Netscape Navigator to read news means that one is "running a web
browser" as well. On my machine at least, there is one executable,
NETSCAPE.EXE, and one running process in the process list irrespective of
the number or type (browser or newsreader) of windows open.
Perhaps the risk here should be the risk of assuming that the _apparently_
different and completely separate parts of "integrated" applications (such
as a combination web browser and NNTP news reader) actually _are_ different
and completely separate, or of not knowing what one actually _is_ running
when one uses a program.
> JdeBP <
Please remove the '$' in the from line before reply via e-mail.
Anti-UCE filter in operation.
------------------------------
Date: Thu, 17 Jul 97 9:30:49 PDT
From: "Peter G. Neumann" <
[email protected]>
Subject: Re: Faulty lavatory smoke detector lawsuit (RISKS-19.24)
Despite its lack of computer relevance, I included the lavatory item in the
previous issue because it reminds us once again of (1) the risks of
depending on technological solutions, and (2) the fallibility of people. As
it turns out, it was a different passenger who was smoking in the adjacent
lavatory. The crew apparently eventually recognized they had made a
mistake, but still threatened the innocent passenger with arrest if he
complained or kept asking for their names. [Perhaps tobacco companies are
now developing cigarettes that won't trigger the alarms?]
------------------------------
Date: Wed, 16 Jul 1997 21:31:52 -0600
From:
[email protected]
Subject: "DA Computer Chief Almost loses Job:" follow-up (Haynes, RISKS-19.24)
I was the lawyer that, on behalf of client Ralph Minow, reviewed a print out
that supposedly pointed to my client as the perpetrator of a computer
sabotage. I then prepared an analysis that finally convinced the
authorities to drop the case. The dump of the daily log of the UNIX based
suggested that someone had made a very minor modification to a backup file,
rerouting the backup back to a on-line drive, with very nasty results.
Someone with supervisor privileges, of course... and my client had such
privileges. The investigators knew a little, but not enough, about the
system and assumed that my client must have been the culprit, not realizing
that someone else could have logged on as a supervisor and pretended to be
my client. The lesson, we all know on RISKS: when humans have final control
over the computer output, then the computer output is no more trustworthy
than the human input. Time stamps, user logins, all that and more, can be
changed with someone with enough control over the system. An old lesson:
GIGO.
Curtis Karnow, Sonnenschien Nath & Rosenthal
------------------------------
Date: Thu, 17 Jul 1997 16:43:26 -0400
From: "Simson L. Garfinkel" <
[email protected]>
Subject: Anti-spam redux
More time had elapsed between when I did my anti-spam DNS work and when the
article appeared in RISKS. During that time, Vineyard.NET decided to
abandon our DNS-blocking SMPT server. The reason was that two key Internet
sites---AT&T's WorldNet and Dow Jones ---quiet simply refused to set up
valid reverse DNS for the mail servers.
We have since explored other blocking technology. We are continuing to block
mail that does not have a valid From: addresses. We now also allow our users
to have their own individual list of domains to block. We are doing this
with a modified SMAP, part of the Trusted Information Systems Firewall
Toolkit. You can download the modified SMAP from
ftp://vineyard.net/simson/smap.c. You can download the rest of the Firewall
Toolkit from
ftp://ftp.tis.com/.
If you are running sendmail, I strongly suggest that you run the Firewall
Toolkit's SMAP wrapper. You can find instructions on how to install it in my
book Practical UNIX and Internet Security, published by O'Reilly &
Associates.
I am also told that there is a very nice list of domains to block maintained
by J.D. Falk, kept at:
ftp://ftp.cybernothing.org/pub/abuse/
There is now also a mailing list of anti-spamming tools. You can find info
about it at
http://www.abuse.net/spamtools.html
------------------------------
Date: Fri, 18 Jul 97 16:22:10 PDT
From: "Peter G. Neumann" <
[email protected]>
Subject: comp.risks was spammed last night
Readers of the Risks Forum via comp.risks were spammed last night by a very
poorly advised forgery of approval. WARNING: the CompuServe FROM: address
could have been the result of an intruder or masquerader -- or simply bogus
(I have not heard anything from the ISP yet, and various complaints have
been launched); the 1-800 number given could be an attempt to scam
responders out of their credit cards or other information; so, USENET
readers, BEWARE, and PLEASE IGNORE THE MESSAGE altogether. I am looking
into methods of ratcheting up some serious authentication; PGPMoose has been
suggested, for example. PGN]
------------------------------
Date: Sun, 13 Jul 1997 14:08:08 -0400
From: Greg Corteville <
[email protected]>
Subject: The truth about Usenet's Psychic Spammers!
By now I'm sure we've all seen some of the garbage from the notorious
"psychic spammers" on just about every Usenet group. I decided to do a
little investigating. I wrote down a few of the 800 numbers listed in the
ads and went to a campus telephone that cannot be billed. It has no long
distance service. After dialing the number, callers are treated to a very
brief and very fake "recorded reading". You are then urged to call a
different number for your "personal" reading. The number they want you to
call has an 809 area code!
For those of you unaware of the 809 area code problem, I'll explain. To
make an international phone call, you usually need to dial 011 first. This
makes it quite obvious that it is an international phone call and will
likely be expensive. However, several foreign countries have been assigned
"North American" area codes recently. Among them, area code 809 for the
Caribbean. Since these people are not bound by US law, they do not need to
disclose the full cost of making the phone call. Callers are usually
charged exorbitant amounts of money, similar to a 900 number. Some people
have been charged as much as $25 per minute! These people are scam artists
and are using the Internet as their latest method of attack.
For more information on the area code 809 problem, take a look at these
websites:
http://www.fraud.org/809alert.htm
http://www.oag.state.tx.us/WEBSITE/NEWS/LEGALMAT/9701cpd.htm
http://www.ece.orst.edu/~alper/Info/scam.html
------------------------------
Date: Thu, 17 Jul 1997 07:51:16 -0700 (PDT)
From: "Rob Slade, doting grandpa of Ryan & Trevor"
Subject: "25 Steps to Safe Computing" by Sellers
BK25STSC.RVW 970126
"25 Steps to Safe Computing", Don Sellers, 1995, 0-201-88366-X, U$5.95/C$7.95
%A Don Sellers
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 1995
%G 0-201-88366-X
%I Addison-Wesley Publishing Co.
%O U$5.95/C$7.95 800-822-6339 617-944-3700 Fax: 617-944-7273
[email protected]
%P 72
%T "25 Steps to Safe Computing"
This brief, cheap booklet should probably be available in every office. As
Sellers notes, it should not take the place of professional advice. It can,
and does, provide quick alerts and suggestions regarding the common maladies
associated with computer use and other office pressures.
Much of the book is common sense, and unsurprising. Little of the
information is very detailed. However, it does give tips and bits of advice
on signs to watch for. In addition, there is valuable resource information
included for all twenty five chapters.
copyright Robert M. Slade, 1997 BK25STSC.RVW 970126
======================
[email protected] [email protected] [email protected]
http://www.freenet.victoria.bc.ca/techrev/rms.html
------------------------------
Date: 1 Apr 1997 (LAST-MODIFIED)
From:
[email protected]
Subject: Abridged info on RISKS (comp.risks)
The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. Or use Bitnet LISTSERV. Alternatively,
(via majordomo) DIRECT REQUESTS to <
[email protected]> with one-line,
SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
INFO [for unabridged version of RISKS information]
=> The INFO file (submissions, default disclaimers, archive sites, .mil/.uk
subscribers, copyright policy, PRIVACY digests, etc.) is also obtainable from
http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info
The full info file will appear now and then in future issues. *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to
[email protected] with meaningful SUBJECT: line.
=> ARCHIVES are available:
ftp://ftp.sri.com/risks or
ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
[volume-summary issues are in risks-*.00]
[back volumes have their own subdirectories, e.g., "cd 18" for volume 18]
or
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue].
The ftp.sri.com site risks directory also contains the most recent
PostScript copy of PGN's comprehensive historical summary of one liners:
get illustrative.PS
------------------------------
End of RISKS-FORUM Digest 19.25
************************
