precedence: bulk
Subject: RISKS DIGEST 19.79
RISKS-LIST: Risks-Forum Digest Saturday 6 June 1998 Volume 19 : Issue 79
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at
http://catless.ncl.ac.uk/Risks/19.79.html
Contents:
Radar glitch delays NYC flights (Edelson Doneel via PGN)
Air Force One drops off radar again (Edelson Doneel via PGN)
FAA orders retraining for air controllers (Peter G. Neumann)
Cause of train crash in Germany (Alexandre Sinyakov)
15th century time machine to suffer from millennium bug (Keith Rhodes)
UK libel law vs. US free speech (David Wittenberg)
Re: Disabling Java and JavaScript (Li Gong)
Y2K financial risks (Doneel Edelson)
Re: Referer-log security hole (Robert J. Woodhead, Sidney Markowitz,
Mark Nottingham, Paul Wright)
Re: Navy stops teaching celestial navigation (Danny Burstein, Michael Comiskey)
Re: Risks of online phone books (Una Smith)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Fri, 5 Jun 1998 14:25:44 -0500
From: "Edelson, Doneel" <
[email protected]>
Subject: Radar glitch delays NYC flights
Flights into and out of LaGuardia, Kennedy, and Newark in the NYC area were
delayed by an air-traffic control center computer upgrade problem at the
Westbury Long Island TRACON (Terminal Radar Approach Control). New TRACON
software was first loaded for testing at 5:30 a.m. this morning, but it
didn't work properly and the old software was reloaded at 7:10 a.m.
Unfortunately, some controllers' screens froze, airspeed, destination, and
other information were missing, and operations were slowed down. [USA
today, via Associated Press 5 Jun 1998; PGN Stark Abstracting]
------------------------------
Date: Fri, 5 Jun 1998 14:24:35 -0500
From: "Edelson, Doneel" <
[email protected]>
Subject: Air Force One drops off radar again
In March, we reported (RISKS-19.63) the momentary outage of the long-range
radar unit at Gibbsboro, N.J. (which had been installed in February), with
Air Force One disappearing from radar. It happened again over New Jersey
twice this morning with the President en route from Washington DC to give
the MIT commencement address, the first time for 48 seconds, the second for
36 seconds. (This was reportedly unrelated to the TRACON outage noted in
the previous item.) There was also an earlier failure in October 1997 in
which radar missed detecting a single-engine plane within 400 feet of a
Swissair Boeing 747, forcing the 747 into a steep dive. [USA today, via
Associated Press 5 Jun 1998; PGN Stark Abstracting]
[At MIT, the President noted that we need better security in our
systems. He failed to note (not surprisingly) that Administration policy
on encryption is a serious hindrance to better security. PGN]
------------------------------
Date: Sat, 6 Jun 1998 10:01:59 -0500
From: "Peter G. Neumann" <
[email protected]>
Subject: FAA orders retraining for air controllers
In light of a 20-foot-separation near-collision of two planes over La
Guardia Airport on 3 April 1998, and a 21 May 1998 FAA memo outlining
increased errors by controllers (19% increase in operational errors, 49%
increase in surface errors), the FAA has ordered retraining of 10,000 of the
18,000 U.S. air-traffic controllers. The significance of the near-disaster
came to light only after passenger complaints, whereas tower personnel had
failed to report it, and the pilot had notified his regional FAA office
rather than the local center. Relating to radar dropouts, Joseph Fruscella
(an air-traffic controller, and eastern regional vice president of the
National Air Traffic Controllers' Association) said, "Every day we lose
approximately 50 planes on the radar" for 30 to 60 seconds. "It's been a
problem since day one." [USA today, via Associated Press, and *San
Francisco Chronicle* items, p A4, 5 Jun 1998, and p. A1, 6 Jun 1998, PGN
Stark Abstracting]
------------------------------
Date: Fri, 5 Jun 1998 22:53:55 +0400
From: "SINIAKOV ALEXANDRE" <
[email protected]>
Subject: Cause of train crash in Germany
[The cause of the worst German train disaster in more than 50 years
is being blamed on a broken wheel on the first car behind the lead
locomotive, according to *The Washington Post*, 6 Jun 1998, noting
that investigators had not yet determined whether it was metal fatigue
or an outside force. Consequently, this item from Sinyakov seemed worth
including as an indication of the diversity of risks that must be
considered relating to technology. PGN]
The cause of train crash in Germany is a natural phenomenon -- a Local
Geophysical Resonance (LGR). LGR is unknown early phenomenon which is
connected with an interaction of solar systems planets. It was discovered by
professor Alexander Sinyakov. This interaction leads to the excitation of
local zone of outerspace. If the frequency of LGR is equal to the critical
frequency of crystal structure of object, the failure of objects take place.
In the case of train crash in Germany (03 June 1998) the frequency of
crystal structure of steel rails and wheels was equal to the frequency of
LGR. The crack of rails and may be wheels arose as a result of LGR.
Similar cause took place in the crash of train Pendolino in Italy.
More detail about LGR look at:
http://www.aanet.ru/nauka/siniakov/
http://www.aanet.ru/nauka/siniakov/
Best regards professor Alexander Sinyakov, E-mail
[email protected]
------------------------------
Date: Fri, 05 Jun 98 07:12:39 EST
From:
[email protected]
Subject: 15th century time machine to suffer from millennium bug
The oldest time machine in the world destined to suffer from the millennium
bug has been found in a museum in Liverpool in northwest England, it was
reported Friday. The 400-year-old instrument, which predicts the position
of the planets, will stop working at the dawn of the new millennium, unable
to accept the date of 1 Jan 2000, like many unadjusted computers around the
world, museum curators said. The equatorium, built by an unknown craftsman
in 1600, predicts the position of the Sun, Moon, other planets and even
eclipses through a system of rotating discs and arms. But the last date
inscribed was 1999. "It must have seemed like an eternity at the time," said
curator Martin Suggett. [NOTE: These short-sighted engineers. No wonder we
have all these problems. From the Japanese press, 5 June 1998.]
------------------------------
Date: Fri, 5 Jun 1998 16:44:46 -0400 (EDT)
From: David Wittenberg <
[email protected]>
Subject: UK libel law vs. US free speech
Dr. L. Godfrey is suing Cornell university and a former Cornell grad student
for libel in London complaining about messages posted by the student
(M. Dolenga) on the usenet group soc.culture.canada 3 years ago.
Dr. Godfrey has previously settled a case in which he sued a British
physicist and won a libel suit against an Australian ISP. He also has two
other Internet defamation cases he is pursuing. The general issue here is
that UK libel law often prohibits speech which in the US is protected by the
first amendment. If the usenet articles were written in the US and
transmitted to the UK, which laws apply? "English Court May Test
U.S. Ideals on Online Speech" -- *The New York Times* (5 Jun 1998,
electronic edition)
------------------------------
Date: Fri, 5 Jun 1998 14:58:23 -0700
From: Li Gong <
[email protected]>
Subject: Re: Disabling Java and JavaScript (Byrd, RISKS-19.78)
If you are worried enough about the level of risk that the Java technology
(allegedly) brings to you, I wonder why you are brave enough to use a
browser, a MIME-enabled e-mail reader, a postscript viewer, or a PC.
Li Gong, Java Software Division, Sun Microsystems Inc.
------------------------------
Date: Fri, 5 Jun 1998 15:53:38 -0500
From: "Edelson, Doneel" <
[email protected]>
Subject: Y2K financial risks
My company is the major credit insurer in the the USA (and the parent
company is the world's largest credit insurer).
The marketing department issued a bulletin today outlining the Y2K
financial risks in selling on credit to other companies, both domestic
and foreign. The focus of the article, of course, is that through the
purchase of credit insurance from our company, a business can protect
itself against the risks of non-payment, slow payment, and insolvencies.
What this means to Risks readers is that the large insurance companies
will monitor the main industries and businesses and provide early
warnings of financial problems to their clients to reduce or stop
selling to those businesses that are at risk of becoming a problem.
(After the proper warning, the insurance company is not responsible for
any further sales to those businesses).
------------------------------
Date: Thu, 4 Jun 1998 20:59:47 -0400
From: "Robert J. Woodhead (AnimEigo)" <
[email protected]>
Subject: Re: Referer-log security hole (Barger, RISKS-19.78)
The difficulty of suppressing the Referer: field is a long-standing
problem that has caught people many times in the past. And it is much
worse than people think!
For example, if you are on an Excite page and TYPE a new URL into the
Location: line of your browser, the Referer: field contains the URL of your
current page, even though you (logically) didn't come from there! This is
a massive security hole that has been reported many times to both Netscape
and Microsoft, and never fixed.
The only way to prevent such information from being passed is as follows:
1) Make sure that there are no off-site image references on your page; they
get the referer too. If you're using a banner exchange service, better
hope they are trustworthy!
2) Make all your links to off-site locations indirect through a CGI that
returns a page that uses the Refresh Meta tag to load the final
destination. A CGI that merely redirects to the destination page will NOT
be sufficient; the Referer: of the original page is not changed when a
Redirect occurs!
You can see the proper technique in operation at
http://selfpromotion.com/queue.t
------------------------------
Date: Thu, 4 Jun 1998 19:30:57 -0700
From: "Sidney Markowitz" <
[email protected]>
Subject: Re: Referer-log security hole (Barger, RISKS-19.78)
In RISKS-19.78 Jorn Barger talked about referer logs capturing people's
Excite passwords and implied that the web search string he mentioned would
find such logs. Perhaps this is what he meant when he said "it gets worse
and worse", but the problem really is much worse than referer logs.
The actual problem is that Excite includes an encoded password in the URL
and that encoded password is all that is needed to access and change the
personal information that one keeps on the Excite site. Many of the hits on
the search string that Jorn mentioned are not referer logs but are pages
such as "John Doe's Bookmark List" where someone has published their
bookmarked link to Excite, probably not realizing that their password is
encoded in it. The resulting URL allows anyone to view the personal
information that was entered into the profile and even change the password
as a denial of service attack.
On the page where I could see one of these John Doe's name, e-mail address,
zip code, gender, birthdate and marital status was a link to Excite's
"Privacy Policy" where they displayed in bold letters:
"Excite will never willfully disclose individually identifiable information
about its customers to any third party without first receiving that
customer's permission."
Other companies provide customizable home pages without creating URLs that
when bookmarked give full authenticated access under a user's id. I'll leave
the details on how to do it as an exercise for the people who get paid to
think them up.
sidney markowitz <
[email protected]>
------------------------------
Date: Fri, 05 Jun 1998 18:45:04 +1000
From:
[email protected] (Mark Nottingham)
Subject: Re: Referer-log security hole (Barger, RISKS-19.78)
This is due to the poor planning on Excite's part, not any flaw in the
protocol. After all, a URL is a UNIFORM resource locator, and shows the path
to any definable object.
Excite has just misused it; it's perfectly acceptable to use the query
component to specify user-specific info (so they can 'log in' from
anywhere). To have the authentication in there as well is lunacy; it shows
up not only in the referer, but the History, any bookmarks, local cache and
any proxies (and their logs) between the user and the server.
Mark Nottingham, Melbourne, Australia
http://www.pobox.com/~mnot/
Web architecture, design and programming
[email protected]
------------------------------
Date: Fri, 5 Jun 1998 20:31:22 +0100 (BST)
From: Paul Wright <
[email protected]>
Subject: Re: Referer-log security hole (Barger, RISKS-19.78)
Jorn Barger points out something which people who run their own web-servers
have known for a while. Last year, a friend of mine ran a server with the
host name of "tickle", named after the Mr Tickle character in Roger
Hargreaves' books for children. The site had multiple occurrences of the
word "tickle" on its pages, as well, of course, as in the URL. The referer
logs from the web server frequently cited search engine pages with query
strings which were fairly revealing: it seems adults associate tickling with
things that children wouldn't even dream about! I suppose a serious
situation could arise from this if an unscrupulous webmaster combined this
information with ident daemon logs the server also keeps.
Paul Wright, Churchill College, Cambridge
http://www.chu.cam.ac.uk/home/pw201/
------------------------------
Date: Fri, 5 Jun 1998 16:49:20 -0400 (EDT)
From: danny burstein <
[email protected]>
Subject: Re: Navy stops teaching celestial navigation (RISKS-19.78)
Numerous folk commented on the US Navy plans for dropping most of their
"celestial navigation" courses, in favo[u]r of additional training in use
of, for example, the Global Positioning Satellite (GPS) system.
Much concern was expressed by RISKS contributors as to the dangers inherent
in this reliability on high technology - a story well known to all readers
here.
Might I suggest the obvious solution to this quandary?
There is, indeed, a completely separate and fully functional backup to GPS
currently in place, namely the GLONASS system placed in orbit by the
Russians (and their friends).
Given the fiercely competitive, yet complementary, nature of this second
system, it's highly unlikely that anything short of our sun going nova would
knock them both out. In which case, of course, loss of GPS would be the
least of our worries.
And as an added benefit GLONASS doesn't suffer from the deliberate
degradation placed on the US signal.
Danny 'overhead, without any fuss, the satellites guide the way' burstein
------------------------------
Date: Fri, 5 Jun 1998 17:48:08 +0100 (BST)
From:
[email protected] (Michael Comiskey)
Subject: Re: Navy stops teaching celestial navigation (Kuenning, RISKS-19.78)
To add to the fray on the navigation issue:
> ... but I'd bet they can get a new GPS broadcaster online in
> minutes if they *really* need to.
This sounds dubious. The USAF and USN ballistic missiles are relatively
small suborbital rockets compared to those used to put satellites into
orbit. The Navstar satellites used for GPS are pretty hefty beasts,
requiring a large launcher. They also are in a high earth orbit. I cannot
see how any of the US ballistic missile fleet, (even the Peacekeeper) could
be used to get a navstar into a usable orbit.
While there may be some emergency system about, I can't see it being as
accurate as GPS.
Michael Comiskey
[email protected]
Systems Manager, Ulster Museum
------------------------------
Date: Fri, 5 Jun 1998 16:36:48 -0400 (EDT)
From: Una Smith <
[email protected]>
Subject: Re: Risks of online phone books (Epstein, RISKS-19.78)
Regarding Jeremy Epstein's report of a false alarm gunshot wound, I have had
similar but not as frightening experiences. I have a very common surname
and a rare given name (it is so rare in the US that I am constantly asked
about it). On two occasions, I have received personal e-mail from total
strangers who assumed they had "found" a long-lost friend or relative on the
Internet. The highly personal nature of this mail was disturbing to me, and
the authors were more than a little embarrassed to discover that they had
disclosed such personal information about themselves to a complete stranger.
And let us not forget the innocent third party: the intended recipient of
this mail, some of whose personal affairs were also disclosed to me in these
letters.
Or maybe these letters were just a new kind of sucker ploy meant to get me,
a woman by my given name, to exchange personal mail with the sender. I
almost miss the old days when undergraduates at sites in another state would
send me Unix talk requests that began with "hey babe, I am watching you
across the terminal room", assuming a "babe" would not know where the talk
request was coming from, or something...
Una Smith
------------------------------
Date: 31 Mar 1998 (LAST-MODIFIED)
From:
[email protected]
Subject: Abridged info on RISKS (comp.risks)
The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. Alternatively, via majordomo,
SEND DIRECT E-MAIL REQUESTS to <
[email protected]> with one-line,
SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
INFO [for unabridged version of RISKS information]
.MIL users should contact <
[email protected]> (Dennis Rears).
.UK users should contact <
[email protected]>.
=> The INFO file (submissions, default disclaimers, archive sites,
copyright policy, PRIVACY digests, etc.) is also obtainable from
http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info
The full info file will appear now and then in future issues. *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to
[email protected] with meaningful SUBJECT: line.
=> ARCHIVES are available:
ftp://ftp.sri.com/risks or
ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
[volume-summary issues are in risks-*.00]
[back volumes have their own subdirectories, e.g., "cd 18" for volume 18]
or
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue].
The ftp.sri.com site risks directory also contains the most recent
PostScript copy of PGN's comprehensive historical summary of one liners:
get illustrative.PS
------------------------------
End of RISKS-FORUM Digest 19.79
************************
